CVE-2022-23773 PoC — cmd/go 安全漏洞

Source

https://github.com/danbudris/CVE-2022-23773-repro-target

Associated Vulnerability

Title:cmd/go 安全漏洞 (CVE-2022-23773)
Description:Google Go Cmd/go是美国谷歌（Google）公司的一个为Go语言提供命令支持的代码库。 cmd/go存在安全漏洞，该漏洞源于cmd进入1.16.14和1.17之前的go。X在1.17.7之前可能会错误地将分支名称理解为版本标记。如果参与者应该能够创建分支而不是标记，那么这可能会导致不正确的访问控制。

Readme

# CVE-2022-23773-repro-target

File Snapshot


 [4.0K]  /data/pocs/4c1effce77ee1ac8cc3a70e2d26a5919aee2153f
├── [  65]  go.mod
├── [ 263]  main.go
└── [  30]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!