CNNVD-202507-3662 Information

CNNVD ID

CNNVD-202507-3662

Related CVE

CVE-2025-4674

• CNNVD Published: 2025-07-29

Description (Chinese)

Google Go是美国谷歌（Google）公司的一种静态强类型、编译型、并发型，并具有垃圾回收功能的编程语言。 Google Go存在安全漏洞，该漏洞源于在不受信任的VCS存储库中执行意外命令，可能导致任意代码执行。

Description (English)

Google Go is a static type, compiler, hairdresser of Google and a programme language with a garbage recovery function. Google Go had a security loophole, which originated from the execution of an unexpected order in an untrustworthy VCS repository, which could lead to arbitrary code enforcement.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-07-29

Last Modified

2026-02-24

References

https://go.dev/cl/686515 https://go.dev/issue/74380 https://groups.google.com/g/golang-announce/c/gTNJnDXmn34 https://pkg.go.dev/vuln/GO-2025-3828 https://vigilance.fr/vulnerability/Go-code-execution-via-VCS-Repositories-47696

Patch

https://go.dev/dl/