2 matches found
AZL-47225 CVE-2023-29402 affecting package golang for versions less than 1.22.7-2
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...
CVE-2023-29402 Code injection via go command with cgo in cmd/go
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...