Thanks to visit codestin.com
Credit goes to github.com

Skip to content

chore(deps): update module golang.org/x/sys to v0.44.0 [security] (master)#27

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/master-go-golang.org-x-sys-vulnerability
Open

chore(deps): update module golang.org/x/sys to v0.44.0 [security] (master)#27
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/master-go-golang.org-x-sys-vulnerability

Conversation

@renovate

@renovate renovate Bot commented Jul 8, 2026

Copy link
Copy Markdown

This PR contains the following updates:

Package Change Age Confidence
golang.org/x/sys v0.40.0v0.44.0 age confidence

Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

CVE-2026-39824 / GO-2026-5024

More information

Details

NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated string rather than an error.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Configuration

📅 Schedule: (in timezone Asia/Taipei)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants