go

command standard library
Go to main page

Versions in this module

go1
go1.26.3
May 7, 2026
go1.26.2
Apr 7, 2026 GO-2026-4978 +2 more
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.26.1
Mar 6, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.26.0
Feb 10, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.26rc3
Feb 4, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.26rc2
Jan 15, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.26rc1
Dec 16, 2025 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.10
May 7, 2026
go1.25.9
Apr 7, 2026 GO-2026-4978 +2 more
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.8
Mar 6, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.7
Feb 4, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.6
Jan 15, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.5
Dec 2, 2025 GO-2026-4338 +5 more
Alert  GO-2026-4338: Unexpected code execution when invoking toolchain in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.4
Nov 5, 2025 GO-2026-4338 +5 more
Alert  GO-2026-4338: Unexpected code execution when invoking toolchain in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.3
Oct 13, 2025 GO-2026-4338 +5 more
Alert  GO-2026-4338: Unexpected code execution when invoking toolchain in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.2
Oct 7, 2025 GO-2026-4338 +5 more
Alert  GO-2026-4338: Unexpected code execution when invoking toolchain in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.1
Sep 3, 2025 GO-2026-4338 +5 more
Alert  GO-2026-4338: Unexpected code execution when invoking toolchain in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25.0
Aug 12, 2025 GO-2026-4338 +5 more
Alert  GO-2026-4338: Unexpected code execution when invoking toolchain in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25rc3
Aug 6, 2025 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25rc2
Jul 8, 2025 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.25rc1
Jun 11, 2025 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.13
Feb 4, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.12
Jan 15, 2026 GO-2026-4871 +3 more
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.11
Dec 2, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.10
Nov 5, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.9
Oct 13, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.8
Oct 7, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.7
Sep 3, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.6
Aug 6, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.5
Jul 8, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.4
Jun 5, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.3
May 6, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.2
Apr 1, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.1
Mar 4, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24.0
Feb 11, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24rc3
Feb 5, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24rc2
Jan 16, 2025 GO-2025-3428 +6 more
Alert  GO-2025-3428: Arbitrary code execution during build on darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.24rc1
Dec 13, 2024 GO-2025-3383 +6 more
Alert  GO-2025-3383: GOAUTH credential leak in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.12
Aug 6, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.11
Jul 8, 2025 GO-2026-4339 +4 more
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.10
Jun 5, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.9
May 6, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.8
Apr 1, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.7
Mar 4, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.6
Feb 4, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.5
Jan 16, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.4
Dec 3, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.3
Nov 6, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.2
Oct 1, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.1
Sep 5, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23.0
Aug 13, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23rc2
Jul 16, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.23rc1
Jun 21, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.12
Feb 4, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.11
Jan 16, 2025 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.10
Dec 3, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.9
Nov 6, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.8
Oct 1, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.7
Sep 5, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.6
Aug 6, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.5
Jul 2, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.4
Jun 4, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.3
May 7, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.2
Apr 3, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.1
Mar 5, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22.0
Feb 6, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22rc2
Jan 24, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.22rc1
Dec 19, 2023 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.13
Aug 6, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.12
Jul 2, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.11
Jun 4, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.10
May 7, 2024 GO-2025-3828 +5 more
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.9
Apr 3, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.8
Mar 5, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.7
Feb 6, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.6
Jan 9, 2024 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.5
Dec 5, 2023 GO-2024-2825 +6 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.4
Nov 7, 2023 GO-2023-2383 +7 more
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.3
Oct 10, 2023 GO-2023-2383 +7 more
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.2
Oct 5, 2023 GO-2023-2383 +7 more
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.1
Sep 6, 2023 GO-2023-2095 +8 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21.0
Aug 8, 2023 GO-2023-2042 +9 more
Alert  GO-2023-2042: Arbitrary code execution via go.mod toolchain directive in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21rc4
Aug 2, 2023 GO-2023-2042 +9 more
Alert  GO-2023-2042: Arbitrary code execution via go.mod toolchain directive in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21rc3
Jul 14, 2023 GO-2023-2042 +9 more
Alert  GO-2023-2042: Arbitrary code execution via go.mod toolchain directive in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21rc2
Jun 21, 2023 GO-2023-2042 +9 more
Alert  GO-2023-2042: Arbitrary code execution via go.mod toolchain directive in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.21rc1
Jun 16, 2023 GO-2023-2042 +9 more
Alert  GO-2023-2042: Arbitrary code execution via go.mod toolchain directive in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.14
Feb 6, 2024 GO-2024-2825 +7 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.13
Jan 9, 2024 GO-2024-2825 +7 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.12
Dec 5, 2023 GO-2024-2825 +7 more
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.11
Nov 7, 2023 GO-2023-2383 +8 more
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.10
Oct 10, 2023 GO-2023-2383 +8 more
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.9
Oct 5, 2023 GO-2023-2383 +8 more
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.8
Sep 6, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.7
Aug 1, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.6
Jul 11, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.5
Jun 6, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.4
May 2, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.3
Apr 4, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.2
Mar 7, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20.1
Feb 14, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20
Feb 1, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20rc3
Jan 12, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20rc2
Jan 4, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.20rc1
Dec 7, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.13
Sep 6, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.12
Aug 1, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.11
Jul 11, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.10
Jun 6, 2023 GO-2023-2095 +9 more
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.9
May 2, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.8
Apr 4, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.7
Mar 7, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.6
Feb 14, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.5
Jan 10, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.4
Dec 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.3
Nov 1, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.2
Oct 4, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19.1
Sep 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19
Aug 2, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19rc2
Jul 12, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19rc1
Jul 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.19beta1
Jun 9, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.10
Jan 10, 2023 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.9
Dec 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.8
Nov 1, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.7
Oct 4, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.6
Sep 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.5
Aug 1, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.4
Jul 12, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.3
Jun 1, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.2
May 10, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18.1
Apr 12, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18
Mar 15, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18rc1
Feb 16, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18beta2
Jan 31, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.18beta1
Dec 14, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.13
Aug 1, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.12
Jul 12, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.11
Jun 1, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.10
May 10, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.9
Apr 12, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.8
Mar 3, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.7
Feb 9, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.6
Jan 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.5
Dec 9, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.4
Dec 2, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.3
Nov 4, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.2
Oct 7, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17.1
Sep 9, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17
Aug 16, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17rc2
Aug 2, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17rc1
Jul 13, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.17beta1
Jun 10, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.15
Mar 3, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.14
Feb 9, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.13
Jan 6, 2022 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.12
Dec 9, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.11
Dec 2, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.10
Nov 4, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.9
Oct 7, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.8
Sep 9, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.7
Aug 4, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.6
Jul 12, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.5
Jun 3, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.4
May 6, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.3
Apr 1, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.2
Mar 11, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16.1
Mar 10, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16
Feb 16, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16rc1
Jan 27, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.16beta1
Dec 17, 2020 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.15
Aug 4, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.14
Jul 12, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.13
Jun 3, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.12
May 6, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.11
Apr 1, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.10
Mar 11, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.9
Mar 10, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.8
Feb 4, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.7
Jan 19, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.6
Dec 3, 2020 GO-2021-0068 +13 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.5
Nov 12, 2020 GO-2021-0068 +13 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.4
Nov 5, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.3
Oct 14, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.2
Sep 9, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15.1
Sep 1, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15
Aug 11, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15rc2
Aug 7, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15rc1
Jul 24, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.15beta1
Jun 10, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.15
Feb 4, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.14
Jan 19, 2021 GO-2023-1839 +12 more
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.13
Dec 3, 2020 GO-2021-0068 +13 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.12
Nov 12, 2020 GO-2021-0068 +13 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.11
Nov 5, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.10
Oct 14, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.9
Sep 9, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.8
Sep 1, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.7
Aug 6, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.6
Jul 16, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.5
Jul 14, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.4
Jun 1, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.3
May 14, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.2
Apr 8, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14.1
Mar 19, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14
Feb 25, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14rc1
Feb 5, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.14beta1
Dec 17, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.15
Aug 6, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.14
Jul 16, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.13
Jul 14, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.12
Jun 1, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.11
May 14, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.10
Apr 8, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.9
Mar 19, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.8
Feb 12, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.7
Jan 27, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.6
Jan 9, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.5
Dec 4, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.4
Oct 31, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.3
Oct 17, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.2
Oct 17, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13.1
Sep 25, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13
Sep 3, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13rc2
Aug 29, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13rc1
Aug 21, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.13beta1
Jun 26, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.17
Feb 12, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.16
Jan 27, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.15
Jan 9, 2020 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.14
Dec 4, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.13
Oct 31, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.12
Oct 17, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.11
Oct 17, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.10
Sep 25, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.9
Aug 15, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.8
Aug 13, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.7
Jul 8, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.6
Jun 11, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.5
May 6, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.4
Apr 11, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.3
Apr 8, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.2
Apr 5, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12.1
Mar 14, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12
Feb 25, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12rc1
Feb 11, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12beta2
Jan 10, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.12beta1
Dec 18, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.13
Aug 13, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.12
Jul 8, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.11
Jun 11, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.10
May 6, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.9
Apr 11, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.8
Apr 8, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.7
Apr 5, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.6
Mar 14, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.5
Jan 23, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.4
Dec 14, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.3
Dec 13, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.2
Nov 2, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11.1
Oct 1, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11
Aug 24, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11rc2
Aug 22, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11rc1
Aug 13, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11beta3
Aug 3, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11beta2
Jul 19, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.11beta1
Jun 26, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.8
Jan 23, 2019 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.7
Dec 14, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.6
Dec 13, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.5
Nov 2, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.4
Aug 24, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.3
Jun 6, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.2
Apr 30, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10.1
Mar 29, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10
Feb 16, 2018 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10rc2
Feb 7, 2018 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10rc1
Jan 25, 2018 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10beta2
Jan 11, 2018 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.10beta1
Dec 7, 2017 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.7
Jun 6, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.6
Apr 30, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.5
Mar 29, 2018 GO-2021-0068 +15 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.4
Feb 7, 2018 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.3
Jan 22, 2018 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.2
Oct 25, 2017 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9.1
Oct 4, 2017 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9
Aug 24, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9rc2
Aug 7, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9rc1
Jul 24, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9beta2
Jun 26, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.9beta1
Jun 14, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.7
Feb 7, 2018 GO-2021-0068 +16 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.6
Jan 23, 2018 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.5
Oct 25, 2017 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.5rc5
Oct 25, 2017 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.5rc4
Oct 20, 2017 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.4
Oct 4, 2017 GO-2021-0068 +17 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.3
May 24, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.2
May 23, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8.1
Apr 7, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8
Feb 16, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8rc3
Jan 26, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8rc2
Jan 19, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8rc1
Jan 10, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8beta2
Dec 15, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.8beta1
Dec 1, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7.6
May 23, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7.5
Jan 26, 2017 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7.4
Dec 1, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7.3
Oct 19, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7.2
Oct 17, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7.1
Sep 7, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7
Aug 15, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7rc6
Aug 8, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7rc5
Aug 2, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7rc4
Aug 2, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7rc3
Jul 21, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7rc2
Jul 18, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7rc1
Jul 8, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7beta2
Jun 16, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.7beta1
Jun 2, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6.4
Dec 1, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6.3
Jul 18, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6.2
Apr 19, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6.1
Apr 11, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6
Feb 17, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6rc2
Feb 3, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6rc1
Jan 28, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6beta2
Jan 13, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.6beta1
Dec 17, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5.4
Apr 11, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5.3
Jan 13, 2016 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5.2
Dec 3, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5.1
Sep 9, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5
Aug 19, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5rc1
Aug 6, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5beta3
Jul 29, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5beta2
Jul 17, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.5beta1
Jul 7, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4.3
Sep 23, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4.2
Feb 18, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4.1
Jan 15, 2015 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4
Dec 11, 2014 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4rc2
Dec 2, 2014 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4rc1
Nov 17, 2014 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go
go1.4beta1
Oct 30, 2014 GO-2021-0068 +18 more
Alert  GO-2021-0068: Arbitrary code injection via the go command with cgo on Windows in cmd/go
Alert  GO-2022-0177: Remote command execution via "go get" in cmd/go
Alert  GO-2022-0201: Remote command execution via "go get" command with cgo in cmd/go
Alert  GO-2022-0203: Remote command execution via "go get" command with "-insecure" option in cmd/go
Alert  GO-2022-0475: Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo
Alert  GO-2022-0476: Arbitrary code execution via the go command with cgo in cmd/go
Alert  GO-2023-1839: Code injection via go command with cgo in cmd/go
Alert  GO-2023-1841: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
Alert  GO-2023-1842: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
Alert  GO-2023-2095: Arbitrary code execution during build via line directives in cmd/go
Alert  GO-2023-2383: Command 'go get' may unexpectedly fallback to insecure git in cmd/go
Alert  GO-2024-2825: Arbitrary code execution during build on Darwin in cmd/go
Alert  GO-2024-2962: Output of "go env" does not sanitize values in cmd/go
Alert  GO-2025-3828: Unexpected command execution in untrusted VCS repositories in cmd/go
Alert  GO-2026-4339: Arbitrary file write using cgo pkg-config directive in cmd/go
Alert  GO-2026-4871: Code execution vulnerability in SWIG code generation in cmd/go
Alert  GO-2026-4978: Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Alert  GO-2026-4979: Invoking "go tool pack" does not sanitize output paths in cmd/go
Alert  GO-2026-4984: Malicious module proxy can bypass checksum database in cmd/go

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.