TencentOS Server 3: go-toolset:rhel8 (TSSA-2025:1002)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:1002 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2025-11505:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11505:01 advisory. os/exec: Unexpected paths returned from LookPath in os/exec CVE-2025-47906 golang: archive/tar: Unbounded allocation when parsing GNU sparse map...

RHEL 9 : golang (RHSA-2025:22899)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22899 advisory. The golang packages provide the Go programming language compiler. Security Fixes: os/exec: Unexpected paths returned from LookPath in os/ex...

Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

TencentOS Server 4: grafana-pcp (TSSA-2025:0833)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0833 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: containernetworking-plugins (TSSA-2025:0772)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0772 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: skopeo (TSSA-2025:0764)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0764 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: buildah (TSSA-2025:0765)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0765 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: conmon (TSSA-2025:0770)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0770 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-47906

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

DEBIAN-CVE-2025-47906

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

CVE-2025-47906 Unexpected paths returned from LookPath in os/exec

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

CVE-2025-47906 Unexpected paths returned from LookPath in os/exec

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

Google Go 安全漏洞

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc. A security vulnerability exists in Google Go, which stems from the fact that passing a specific string to LookPath when the PATH environment variable contains the path to an...

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1161)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1161 advisory. os/exec: LookPath may return unexpected paths. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath , ., and...