apk package
chainguard/policy-controller
pkg:apk/chainguard/policy-controller
Vulnerabilities (103)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-29404 | — | < 0.7.0-r4 | 0.7.0-r4 | Jun 8, 2023 | The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. T | ||
| CVE-2023-29403 | — | < 0.7.0-r4 | 0.7.0-r4 | Jun 8, 2023 | On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is execute | ||
| CVE-2023-29402 | — | < 0.7.0-r4 | 0.7.0-r4 | Jun 8, 2023 | The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules wh |
- CVE-2023-29404Jun 8, 2023affected < 0.7.0-r4fixed 0.7.0-r4
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. T
- CVE-2023-29403Jun 8, 2023affected < 0.7.0-r4fixed 0.7.0-r4
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is execute
- CVE-2023-29402Jun 8, 2023affected < 0.7.0-r4fixed 0.7.0-r4
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules wh
Page 6 of 6