17 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Golang 1.19, Golang 1.23

Canceling a query (for example, by canceling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can lead to unexpected results if other queries are being executed in parallel. This can cause a race condition, which may overwrite the expected result...

CVSS 7 | AI score 6.6 | EPSS 0.00331
Exploits 0 | References 2

RedHat Linux
added 2025/11/13 7:3 p.m. | 5 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6 | EPSS 0.00331
Exploits 0 | References 8

RedHat Linux
added 2025/11/13 3:16 p.m. | 1 view

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6 | EPSS 0.00331
Exploits 0 | References 8

Tenable Nessus
added 2025/11/12 12:0 a.m. | 6 views

EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-2327)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can...

CVSS 7 | AI score 6.8 | EPSS 0.00489
Exploits 1 | References 3

RedHat Linux
added 2025/11/11 1:58 p.m. | 0 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6 | EPSS 0.00331
Exploits 0 | References 8

Mageia
added 2025/09/01 6:20 p.m. | 5 views

Updated golang packages fix vulnerabilities

LookPath may return unexpected paths, CVE-2025-47906. Incorrect results returned from Rows.Scan, CVE-2025-47907. These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt...

CVSS 7 | AI score 7.1 | EPSS 0.00489
Exploits 1 | References 2

OSV
added 2025/09/01 6:20 p.m. | 4 views

MGASA-2025-0221 Updated golang packages fix vulnerabilities

LookPath may return unexpected paths, CVE-2025-47906. Incorrect results returned from Rows.Scan, CVE-2025-47907. These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt...

CVSS 7 | AI score 7.1 | EPSS 0.00489
Exploits 1 | References 3

Tenable Nessus
added 2025/08/19 12:0 a.m. | 10 views

SUSE SLES15 Security Update : go1.24-openssl (SUSE-SU-2025:02837-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02837-1 advisory. Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...

CVSS 8.6 | AI score 7.3 | EPSS 0.00489
Exploits 1 | References 11

OSV
added 2025/08/18 8:35 a.m. | 4 views

SUSE-SU-2025:02837-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH...

CVSS 8.6 | AI score 7.1 | EPSS 0.00489
Exploits 1 | References 8

RedHat Linux
added 2025/08/18 12:53 a.m. | 3 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6.2 | EPSS 0.00331
Exploits 0 | References 8

OSV
added 2025/08/12 12:8 p.m. | 1 view

SUSE-SU-2025:02760-1 Security update for go1.24

This update for go1.24 fixes the following issues: - Update to go1.24.6: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go73800 runtime: RSS seems to have increased in Go 1.24 while the runtime...

CVSS 7 | AI score 6.9 | EPSS 0.00489
Exploits 1 | References 6

OSV
added 2025/08/12 12:6 p.m. | 3 views

SUSE-SU-2025:02759-1 Security update for go1.23

This update for go1.23 fixes the following issues: - Update to go1.23.12: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go74415 runtime: use-after-free of allpSnapshot in findRunnable go74693 runtime...

CVSS 7 | AI score 6.8 | EPSS 0.00489
Exploits 1 | References 6

OSV
added 2025/08/10 11:42 p.m. | 7 views

BIT-GOLANG-2025-47907 Incorrect results returned from Rows.Scan in database/sql

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 7 | EPSS 0.00331
Exploits 0 | References 6

OSV
added 2025/08/07 4:15 p.m. | 5 views

AZL-66150 CVE-2025-47907 affecting package golang for versions less than 1.23.12-1

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 6.6 | EPSS 0.00331
Exploits 0 | References 1

OSV
added 2025/08/07 4:15 p.m. | 2 views

DEBIAN-CVE-2025-47907

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 6.5 | EPSS 0.00331
Exploits 0 | References 1

OSV
added 2025/08/07 4:15 p.m. | 4 views

UBUNTU-CVE-2025-47907

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 6.7 | EPSS 0.00331
Exploits 0 | References 10

CVE
added 2025/08/07 3:25 p.m. | 166 views

CVE-2025-47907

CVE-2025-47907 refers to a race condition in the Go language database/sql Rows Scan path when a query is cancelled, which can overwrite results or raise errors if parallel queries are running. Connected advisories indicate Golang package fixes across multiple distributions (e.g., newer golang/gol...

CVSS 7 | AI score 6.5 | EPSS 0.00331
Exploits 0 | References 5 | Affected Software 1