golang.org/x/sys
Go2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting golang.org/x/syspage 1 of 1
- CVE-2022-29526MEDIUMCVSS 5.3EG 5.3✓ Fixed in 0.0.0-20220412211240-33da011f77ad2022-06-23
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
- CVE-2026-39824LOWCVSS 3.3EG 3.3✓ Fixed in 0.44.02026-05-26
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated string rather than an error.
Check whether golang.org/x/sys is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for golang.org/x/sys CVEs against the assets you own.
Start Free Scan →