Sign In

CVE-2023-29403

SOURCE - nist

Summary

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.

EPSS Score: 0.00058 (0.233)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-668

Exposure of Resource to Wrong Sphere

SOURCE - redhat

CWE-668

Exposure of Resource to Wrong Sphere

Sources (19)

My images

nist

CREATED

UPDATED

SOURCE IDCVE-2023-29403
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-668

CVSS SCORE

7.8high

alpine

CREATED

UPDATED

SOURCE IDCVE-2023-29403
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

debian

CREATED

UPDATED

SOURCE IDCVE-2023-29403
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

UPDATED

SOURCE IDCVE-2023-29403
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8medium

golang

CREATED

UPDATED

SOURCE IDGO-2023-1840
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

alma

CREATED

UPDATED

SOURCE IDALSA-2023:3922
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

alma

CREATED

UPDATED

SOURCE IDALSA-2023:3923
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

amazon

CREATED

UPDATED

SOURCE IDALAS-2023-2163
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

UPDATED

SOURCE IDALAS-2023-1848
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

UPDATED

SOURCE IDALAS2023-2023-269
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

UPDATED

SOURCE IDALAS2023-2023-312
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

UPDATED

SOURCE ID

BIT-2023-29403

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

UPDATED

SOURCE ID

BIT-golang-2023-29403

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

redhat

CREATED

UPDATED

SOURCE IDCVE-2023-29403
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-668

CVSS SCORE

7.8high

rocky

CREATED

UPDATED

SOURCE IDRLSA-2023:3923
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

oracle

CREATED

UPDATED

SOURCE IDELSA-2023-3922
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

oracle

CREATED

UPDATED

SOURCE IDELSA-2023-3923
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

chainguard

CREATED

UPDATED

SOURCE ID

CVE-2023-29403

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

wolfi

CREATED

UPDATED

SOURCE ID

CVE-2023-29403

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE