Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mishandling of corrupt central directory record in archive/zip
Vulnerability Description
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Go 安全漏洞
Vulnerability Description
Google Go是美国谷歌(Google)公司的一种静态强类型、编译型、并发型,并具有垃圾回收功能的编程语言。 Google Go 1.21.11之前版本,1.22.0-0到1.22.4之前版本存在安全漏洞,该漏洞源于archive/zip包对某些类型的无效zip文件的处理与其他大多数zip实现的行为不同,可能会被利用来创建zip文件,其内容会根据读取文件的实现而有所不同。
CVSS Information
N/A
Vulnerability Type
N/A