CVE-2019-9634
DLL injection on Windows in runtime and syscall
EPSS 0.53%
Description
Go on Windows misused certain LoadLibrary functionality, leading to DLL injection.
How to fix CVE-2019-9634
To remediate CVE-2019-9634, upgrade the affected package to a fixed version below.
- Go/stdlib—upgrade to 1.11.10 or later
Is CVE-2019-9634 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.11.10, >= 1.12.0-0, < 1.12.2