4 matches found
MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...
TencentOS Server 3: go-toolset:rhel8 (TSSA-2023:0177)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0177 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
BELL-CVE-2023-29404 CVE-2023-29404 does not affect BellSoft software
Bulletin has no description...
AZL-27140 CVE-2023-29404 affecting package golang for versions less than 1.20.7-1
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...