CVE-2020-28366

Published: 2020-11-18T17:15Z

Last Modified: 2024-11-21T05:22Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt