10 matches found
os/exec: Unexpected paths returned from LookPath in os/exec
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
os/exec: Unexpected paths returned from LookPath in os/exec
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
os/exec: Unexpected paths returned from LookPath in os/exec
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
TencentOS Server 4: skopeo (TSSA-2025:0764)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0764 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2025-47906
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
AZL-66128 CVE-2025-47906 affecting package golang for versions less than 1.22.7-5
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
AZL-67512 CVE-2025-47906 affecting package golang for versions less than 1.18.8-10
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
UBUNTU-CVE-2025-47906
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
CVE-2025-47906 Unexpected paths returned from LookPath in os/exec
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
CVE-2025-47906
The CVE-2025-47906 issue affects Go (golang) tooling, specifically the os/exec LookPath behavior: if PATH contains executable entries, LookPath("", "." , "..") can return binaries from PATH instead of only directories. This is tied to Golang tooling (go-toolset) and affects packages built with Go...