VIR Vulnerability Intelligence Relay

Package impact

golang Go / toolchain

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-39817 medium 5.9 5.9 21d ago The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" su… debiansusegolanggcp
CVE-2023-45285 medium 5.5 2y ago Moderate: golang security update redhatsusedebiangolang
CVE-2022-23773 medium 5.5 4y ago Moderate: go-toolset:rhel8 security and bug fix update suserockylinuxdebiangolang
CVE-2021-38297 medium 5.5 4y ago Moderate: go-toolset:rhel8 security and bug fix update archsuserockylinuxdebian+1
CVE-2021-3115 medium 5.5 5y ago Moderate: go-toolset:rhel8 security, bug fix, and enhancement update archsusedebianrockylinux+1
CVE-2026-39819 medium 5.3 5.3 21d ago The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one… debiansusegolanggcp