Summary
Detail | |||
---|---|---|---|
Vendor | Golang | First view | 2019-03-08 |
Product | Go | Last view | 2021-01-26 |
Version | 1.8.5 | Type | Application |
Update | rc4 | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:golang:go |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2021-01-26 | CVE-2021-3115 | Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). |
9.8 | 2019-05-13 | CVE-2019-11888 | Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges. |
7.8 | 2019-03-08 | CVE-2019-9634 | Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (1) | CWE-427 | Uncontrolled Search Path Element |
33% (1) | CWE-269 | Improper Privilege Management |
33% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
Snort® IPS/IDS
Date | Description |
---|---|
2019-05-14 | Go binary bll-load exploit attempt RuleID : 49786 - Type : FILE-OTHER - Revision : 1 |
2019-05-14 | Go binary dll-load exploit attempt RuleID : 49785 - Type : FILE-OTHER - Revision : 1 |
2019-05-14 | Go binary dll-load exploit attempt RuleID : 49784 - Type : FILE-OTHER - Revision : 1 |
2019-05-14 | Go binary dll-load exploit attempt RuleID : 49783 - Type : FILE-OTHER - Revision : 1 |
2019-05-14 | Go binary dll-load exploit attempt RuleID : 49782 - Type : FILE-OTHER - Revision : 1 |
2019-05-14 | Go binary dll-load exploit attempt RuleID : 49781 - Type : FILE-OTHER - Revision : 1 |