VDB
GCVE-110-MAGEIA-2018-144
GCVE-110-MAGEIA-2018-144
Advisory Published
Updated golang packages fix security vulnerabilities:
Go before 1.9.4 allows "go get" remote command execution during source code
build, by leveraging the gcc or clang plugin feature, because -fplugin= and
-plugin= arguments were not blocked (CVE-2018-6574).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mageia-doc | 6.1-2.mga6 (unaffected), 0 (affected) | — |
| Mageia | golang | 0 (affected), 1.9.4-3.mga6 (unaffected), 1.9.4-3.mga6 (unaffected), 0 (affected) | — |
| Mageia | desktop-common-data | 6.12-1.mga6 (unaffected), 0 (affected) | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.