Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

37 matches found

Tenable Nessus
Tenable Nessusadded 2025/03/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2018-16873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Go before 1.10.6 and 1.11.x before 1.11.3, the go get command is vulnerable to remote code execution when executed with the -u flag and the import path of a...

8.1CVSS7.5AI score0.56804EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2023/06/29 5:33 a.m.2 views

golang: cmd/go: go command may generate unexpected code at build time when using cgo

A flaw was found in golang. The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program that uses cgo. This can occur when running an untrusted module that contains directories with newline characters in their names...

9.8CVSS7.1AI score0.00125EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2023/06/26 6:17 p.m.37 views

CVE-2023-29402

A flaw was found in golang. The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program that uses cgo. This can occur when running an untrusted module that contains directories with newline characters in their names...

7CVSS9AI score0.00125EPSS
Exploits0References7
OSV
OSVadded 2023/06/08 9:15 p.m.31 views

CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS7.4AI score
Exploits0References8
OSV
OSVadded 2023/06/08 9:15 p.m.1 views

DEBIAN-CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS7.5AI score0.00125EPSS
Exploits0References1
NVD
NVDadded 2023/06/08 9:15 p.m.17 views

CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS9.5AI score0.00125EPSS
Exploits0References8
OSV
OSVadded 2023/06/08 9:15 p.m.2 views

UBUNTU-CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS6.7AI score0.00125EPSS
Exploits0References8
Prion
Prionadded 2023/06/08 9:15 p.m.25 views

Command injection

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

7.5CVSS9.3AI score0.00125EPSS
Exploits0References7Affected Software2
Debian CVE
Debian CVEadded 2023/06/08 8:19 p.m.68 views

CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS7.2AI score0.00125EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2023/06/08 8:19 p.m.97 views

CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS9.7AI score0.00125EPSS
Exploits0
OSV
OSVadded 2023/06/08 8:16 p.m.64 views

GO-2023-1839 Code injection via go command with cgo in cmd/go

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS8.5AI score0.00125EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2023/06/08 12:0 a.m.59 views

CVE-2023-29402

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

9.8CVSS6.8AI score0.00125EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2023/04/05 12:0 a.m.5 views

PT-2023-3109 · Go +11 · Go +11

Name of the Vulnerable Software and Affected Versions: Go affected versions not specified Description: The issue is related to incorrect code generation when handling directory names with newline characters in the Go programming language's Cgo module. This may result in unexpected behavior when...

9.8CVSS7AI score0.944EPSS
Exploits20References249
OSV
OSVadded 2022/08/04 9:30 p.m.39 views

GO-2022-0189 Remote command execution via "go get" with "-u" flag in cmd/go

The "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode the distinction is documented a...

8.1CVSS8.1AI score0.56804EPSS
Exploits0References4
OSV
OSVadded 2022/08/02 3:44 p.m.31 views

GO-2022-0190 Directory traversal via "go get" command in cmd/go

The "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly brace both '' and '' characters. Specifically, it is only vulnerable in GOPATH mode, but not in module mode the distinction is documented at...

8.1CVSS7.8AI score0.05743EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2019/04/01 12:0 a.m.32 views

openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2019-1079)

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues : Security issues fixed : - CVE-2018-16875: Fixed a CPU Denial of Service bsc1118899. - CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in...

9.3CVSS7.7AI score0.59178EPSS
Exploits33References15
Tenable Nessus
Tenable Nessusadded 2018/12/31 12:0 a.m.53 views

openSUSE Security Update : containerd / docker and go (openSUSE-2018-1626)

This update for containerd, docker and go fixes the following issues : containerd and docker : - Add backport for building containerd bsc1102522, bsc1113313 - Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce. bsc1102522 - Enable seccomp support fate325877 - Update to...

9.3CVSS7AI score0.56804EPSS
Exploits1References26
CNVD
CNVDadded 2018/12/17 12:0 a.m.1 views

Google Go Remote Code Execution Vulnerability

Google Go is a programming language optimized for programming applications on multiprocessor systems by Google. A remote code execution vulnerability exists in the 'go get' command in Google Go versions prior to 1.10.6 and 1.11.x prior to 1.11.3 GOPATH mode, which can be exploited by a remote...

8.1CVSS7.7AI score0.56804EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2018/12/17 12:0 a.m.46 views

Amazon Linux AMI : golang (ALAS-2018-1130)

In Go before 1.10.6 and 1.11.x before 1.11.3, the 'go get' command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not ...

8.1CVSS8AI score0.56804EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/12/14 2:29 p.m.1 views

CVE-2018-16874

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces both '' and '' characters. Specifically, it is only vulnerable in GOPATH mode, but not in module mode th...

8.1CVSS8.9AI score0.05743EPSS
Exploits0References15Affected Software1
Rows per page
Query Builder