Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-28366

A flaw was found in go beforer 1.15.5 where the go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code.

Source

Severity High

Remote Yes

Type Arbitrary code execution

Description

A flaw was found in go beforer 1.15.5  where the go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code.

AVG-1278 go 2:1.15.4-1 2:1.15.5-1 High Fixed

https://github.com/golang/go/issues/42562
https://github.com/golang/go/commit/32159824698a82a174b60a6845e8494ae3243102

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect