CNNVD-202602-767 Information
Feb 04, 2026
cve
CNNVD ID
CNNVD-202602-767
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
Google Go是美国谷歌(Google)公司的一种静态强类型、编译型、并发型,并具有垃圾回收功能的编程语言。 Google Go存在安全漏洞,该漏洞源于通过打开以../结尾的文件名可以不当访问os.Root的父目录,可能导致路径遍历。
Description (English)
Google Go is a static type, compiler, hairdresser of Google and a programme language with a garbage recovery function. Google Go has a security loophole, which stems from inappropriate access to Os. Root ’ s father ’ s directory by opening the file name at ./end, which may lead to routing.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
谷歌
Published
2026-02-04
Last Modified
2026-02-24
References
https://go.dev/cl/670036 https://go.dev/issue/73555 https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ https://pkg.go.dev/vuln/GO-2026-4403 http://www.openwall.com/lists/oss-security/2025/05/06/2