CNNVD-202508-662 Information
CNNVD ID
CNNVD-202508-662
Related CVE
- CNNVD Published: 2025-08-07
Description (Chinese)
Google Golang是美国谷歌(Google)公司的一种静态强类型、编译型语言。Go的语法接近C语言,但对于变量的声明有所不同。Go支持垃圾回收功能。Go的并行模型是以东尼·霍尔的通信顺序进程(CSP)为基础,采取类似模型的其他语言包括Occam和Limbo,但它也具有Pi运算的特征,比如通道传输。 Google Golang存在安全漏洞,该漏洞源于并行查询时取消操作可能导致竞争条件,返回错误结果。
Description (English)
Google Golang is a static, compiled language of Google. Go has a syntax close to the C language, but different statements for variables. Go supports garbage recycling. Go ’ s parallel model is based on Tony Hall ’ s communication sequence process (CSP) and other languages that follow similar models include Occam and Limbo, but it also has the characteristics of a Pi operation, such as channel transport. Google Golang has a security loophole, which stems from the fact that the cancellation of an operation in parallel inquiries may lead to competitive conditions and the return of the wrong result.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
谷歌
Published
2025-08-07
Last Modified
2026-02-24
References
https://go.dev/issue/74831 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://go.dev/cl/693735 https://pkg.go.dev/vuln/GO-2025-3849 https://vigilance.fr/vulnerability/Go-two-vulnerabilities-dated-12-08-2025-47931
Share on: