CVE-2024-24787 - CERT CVE
ID CVE-2024-24787
Sažetak On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
Reference
CVSS
Base: 6.4
Impact: 5.9
Exploitability:0.5
Pristup
VektorSloženostAutentikacija
LOCAL HIGH HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 03-07-2024 - 01:48
Objavljeno 08-05-2024 - 16:15