Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string A=Bx00C=D sets the variables A=B and C=D.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Go | Golang | * | 1.18.8 (excluding) |
Go | Golang | 1.19.0 (including) | 1.19.3 (excluding) |