Loading HuntDB...

GHSA-rxv8-v965-v333

GitHub Security Advisory

⚠ Unreviewed CRITICAL Has CVE

Advisory Details

The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software.

Related CVEs

Key Information

GHSA ID
GHSA-rxv8-v965-v333
Published
September 8, 2023 6:30 PM
Last Modified
November 4, 2023 3:30 AM
CVSS Score
9.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 18, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.