Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse backports - vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-16874
In Go prior to 1.10.6 and 1.11.x prior to 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is on...