Vulnerabilidades em Go toolchain
22 resultadosCVE-2020-28367—Arbitrary code execution via the go command with cgo in cmd/goEPSS 2.4%CVE-2020-28366—Arbitrary code execution in go command with cgo in cmd/go and cmd/cgoEPSS 2.2%CVE-2023-29404CRITICALImproper handling of non-optional LDFLAGS in go command with cgo in cmd/goEPSS 1.8%CVE-2023-39323HIGHArbitrary code execution during build via line directives in cmd/goEPSS 1.7%CVE-2023-29405CRITICALImproper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/goEPSS 1.7%CVE-2023-29402CRITICALCode injection via go command with cgo in cmd/goEPSS 1.7%CVE-2023-39320—Arbitrary code execution via go.mod toolchain directive in cmd/goEPSS 1.4%CVE-2023-45285—Command 'go get' may unexpectedly fallback to insecure git in cmd/goEPSS 1.1%CVE-2023-24531CRITICALOutput of "go env" does not sanitize values in cmd/goEPSS 0.8%CVE-2024-24787MEDIUMArbitrary code execution during build on Darwin in cmd/goEPSS 0.8%CVE-2024-45340HIGHGOAUTH credential leak in cmd/goEPSS 0.7%CVE-2025-22867HIGHArbitrary code execution during build on darwin in cmd/goEPSS 0.6%CVE-2026-27143CRITICALMissing bound checks can lead to memory corruption in safe Go in cmd/compileEPSS 0.5%CVE-2026-27140HIGHCode execution vulnerability in SWIG code generation in cmd/goEPSS 0.5%CVE-2025-61731HIGHArbitrary file write using cgo pkg-config directive in cmd/goEPSS 0.4%CVE-2025-68119HIGHUnexpected code execution when invoking toolchain in cmd/goEPSS 0.3%CVE-2026-27144HIGHMiscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compileEPSS 0.3%CVE-2025-4674HIGHUnexpected command execution in untrusted VCS repositories in cmd/goEPSS 0.3%CVE-2026-42501HIGHMalicious module proxy can bypass checksum database in cmd/goEPSS 0.2%CVE-2025-61732HIGHPotential code smuggling via doc comments in cmd/cgoEPSS 0.2%