How severe is CVE-2023-29402?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2023-29402?

This is classified as CWE-94, which is a common weakness in software security.

CVE-2023-29402

CRITICAL Year: 2023

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-94

View all →

Vulnerability Description

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).

CVE-2006-3136

CRITICAL

CVSS:9.8(Critical)

Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1) path/action.php, and to files in path/nu...

CWE-942006

CVE-2006-5021

CRITICAL

CVSS:9.8(Critical)

Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root parameter in imgen.php, and the root_path parame...

CWE-942006

CVE-2006-5610

CRITICAL

CVSS:9.8(Critical)

PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code...

CWE-942006

CVE-2006-6975

CRITICAL

CVSS:9.8(Critical)

PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been disp...

CWE-942006

CVE-2006-7105

CRITICAL

CVSS:9.8(Critical)

PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclo...

CWE-942006

CVE-2007-4290

CRITICAL

CVSS:9.8(Critical)

Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root parameter to (1) delete.php, (2) edit.php, ...

CWE-942007

CVE-2023-29402

Vulnerability Description

Related Vulnerabilities

CVE-2006-3136

CVE-2006-5021

CVE-2006-5610

CVE-2006-6975

CVE-2006-7105

CVE-2007-4290