Home > Vulnerability Database > CVE-2023-45284

Mend.io Vulnerability Database

CVE-2023-45284

Good to know:

Date: November 9, 2023

On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.

Language: Go

Severity Score

5.3

Related Resources (7)

Url: https://pkg.go.dev/vuln/GO-2023-2186

Url: https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY

Url: https://go.dev/issue/63713

Url: https://go.dev/cl/540277

Url: https://security-tracker.debian.org/tracker/CVE-2023-45284

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-45284

Url: https://www.mend.io/vulnerability-database/CVE-2023-45284

Severity Score

5.3

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

Top Fix

Upgrade Version

Upgrade to version go1.20.11,go1.21.4

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-45284

Good to know:

Date: November 9, 2023

Language: Go

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?