Arch Linux: Arbitrary file overwrite (CVE-2025-4748)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:L/AC:M/Au:N/C:N/I:P/A:P) | Jun 16, 2025 | Jul 11, 2025 | Jan 16, 2026 |
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation.
Solution
arch-linux-upgrade-latest
References
- CVE-2025-4748
- CWE-22
- https://attackerkb.com/topics/CVE-2025-4748
- https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5
- https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f
- https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
- https://github.com/erlang/otp/pull/9941
- https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc
- https://www.erlang.org/doc/system/versions.html#order-of-versions