A validation flaw was found in golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause portions of the module to be overwritten with data from the arguments. The highest threat from this vulnerability is to integrity. An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho ...
A validation flaw was found in golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause portions of the module to be overwritten with data from the arguments. The highest threat from this vulnerability is to integrity. A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potenti ...
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: Command-line arguments may overwrite global data * golang: archive/zip: malformed archive may cause panic or memory exhaustion * golang: debug/macho: invalid dynamic symbol table command can cause panic * golang: archive/zip: Reader.Open panics on empty string * go ...
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: net/http: limit growth of header canonicalization cache * golang: syscall: don"t close fd 0 on ForkExec error For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in ...
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fix: * golang: cmd/go: go command may generate unexpected code at build time when using cgo * golang: cmd/go: go command may execute arbitrary code at build time when using cgo * golang: cmd/cgo: Arbitratry code execu ...