Lucene search
K

18 matches found

NVD
NVD
added 2026/02/04 11:15 p.m.6 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS0.00238EPSS
Exploits0References5
OSV
OSV
added 2026/02/04 11:15 p.m.3 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS5.5AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/04 11:15 p.m.15 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS5.9AI score0.00238EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/02/04 11:5 p.m.8 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS5.2AI score0.00238EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/04 11:5 p.m.30 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS8.3AI score0.00238EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-22873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to improperly access the parent directory of an os.Root by opening a filename ending in ../. For example, Root.Open../ would open the parent...

3.8CVSS5.8AI score0.00238EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/06/11 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:01846-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.0056EPSS
Exploits0References8
Amazon
Amazon
added 2025/06/02 12:0 a.m.9 views

Medium: golang

Issue Overview: A directory traversal vulnerability was discovered in the Go programming language's os package in versions prior to 1.24.3. The vulnerability allows improper access to the parent directory of an os.Root by opening a filename ending in "../". When exploited, this vulnerability...

6.6AI score0.00238EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/02 12:0 a.m.8 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-977)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-977 advisory. A directory traversal vulnerability was discovered in the Go programming language's os package in versions prior to 1.24.3. The vulnerability allows improper access to the parent directory of an os.Root...

3.8CVSS5.4AI score0.00238EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/30 12:0 a.m.5 views

SUSE SLED15 / SLES15 Security Update : go1.24 (SUSE-SU-2025:01551-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01551-1 advisory. Update to go1.24.3 bsc1236217: Security fixes: - CVE-2025-22873: Fixed os.Root permits access to parent directory...

3.8CVSS5.6AI score0.00238EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/16 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2025:1551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.8CVSS6.5AI score0.00238EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/16 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2025:1551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.8CVSS6.5AI score0.00238EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/15 12:0 a.m.10 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2025:1551-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1551-1 advisory. Update to go1.24.3 bsc1236217: Security fixes: - CVE-2025-22873: Fixed os.Root permits access to parent...

3.8CVSS5.6AI score0.00238EPSS
Exploits0References5
OSV
OSV
added 2025/05/14 5:6 p.m.1 views

SUSE-SU-2025:1551-1 Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.3 bsc1236217: Security fixes: - CVE-2025-22873: Fixed os.Root permits access to parent directory bsc1242715 Changelog: go73556 go73555 security: fix CVE-2025-22873 os: Root permits access to parent directory go73082 os: Root.Open...

3.8CVSS7.7AI score0.00238EPSS
Exploits0References4
OSV
OSV
added 2025/05/12 1:26 p.m.3 views

BELL-CVE-2025-22873

Bulletin has no description...

3.8CVSS6AI score0.00238EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2025/05/08 12:0 a.m.3 views

go1.24-1.24.3-1.1 on GA media (moderate)

go1.24-1.24.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15058-1 Rating: moderate Cross-References: CVE-2025-22873 CVSS scores: CVE-2025-22873 SUSE : 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2025-22873 SUSE : 2 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N...

4.4CVSS7.3AI score0.00238EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.14 views

Golang 1.24.x < 1.24.3 Directory Traversal

The version of Golang running on the remote host is 1.24.x prior to 1.24.3. It is, therefore, affected by a directory traversal vulnerability that makes it possible to improperly access the parent directory of an os.Root. Note that Nessus has not tested for this issue but has instead relied only ...

3.8CVSS5.2AI score0.00238EPSS
Exploits0References3
Circl
Circl
added 2025/05/06 5:20 p.m.25 views

CVE-2025-22873

creationtimestamp| type| source ---|---|--- 2025-05-06 17:20:50+00:00| seen| https://seclists.org/oss-sec/2025/q2/106 2025-05-06 19:09:16+00:00| seen| https://bsky.app/profile/golang.org/post/3lojlh463e22x 2025-05-07 02:17:18+00:00| seen|...

3.8CVSS5.8AI score0.00238EPSS
Exploits0References12
Rows per page
Query Builder