CVE-2023-45284 Information

Description

On Windows The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces such as \COM1 \ and reserved names \COM\ and \LPT\ followed by superscript 1 2 or 3 are incorrectly reported as local. With fix IsLocal now correctly reports these names as non-local.

Reference

https://go.dev/issue/63713 https://go.dev/cl/540277 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://pkg.go.dev/vuln/GO-2023-2186