QSearchQSearch

CVE-2021-3115

7.5 HIGH

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get...

Published: 2021-01-26 · Last updated: 2026-06-17

Severity and scoring

CVSS
7.5 HIGH
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
CWE-427

Affected products

VendorProduct
fedoraprojectcloud_insights_telegraf_agent, fedora, go
golangcloud_insights_telegraf_agent, fedora, go
netappcloud_insights_telegraf_agent, fedora, go

Description

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-42506 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree (6.1 MEDIUM)
  • CVE-2026-42502 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree (6.1 MEDIUM)
  • CVE-2026-39821 The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label (9.6 CRITICAL)
  • CVE-2026-27136 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree (6.1 MEDIUM)
  • CVE-2026-25681 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree (6.1 MEDIUM)

Same CWE

  • CVE-2026-12003 To allow builds of Python to be run from an in-tree layout (rather than an installed file layout), the VPATH variable is defined at build...
  • CVE-2024-22451 Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability (6.7 MEDIUM)
  • CVE-2024-22447 Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability (6.7 MEDIUM)
  • CVE-2026-5064 Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow ...
  • CVE-2026-50100 Multiple printer drivers provided by Ricoh Company, Ltd (7.8 HIGH)