GHSA-rxv8-v965-v333
GitHub Security Advisory
⚠ Unreviewed
CRITICAL
Has CVE
Advisory Details
The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software.
Related CVEs
Key Information
9.0
/10
Dataset
Last updated: July 18, 2025 6:27 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.