vulnerability
Oracle Linux: CVE-2025-47906: ELSA-2025-22005: go-rpm-macros security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | Sep 18, 2025 | Nov 28, 2025 | Dec 8, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
Sep 18, 2025
Added
Nov 28, 2025
Modified
Dec 8, 2025
Description
If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
Solutions
oracle-linux-upgrade-delveoracle-linux-upgrade-go-filesystemoracle-linux-upgrade-golangoracle-linux-upgrade-golang-binoracle-linux-upgrade-golang-docsoracle-linux-upgrade-golang-miscoracle-linux-upgrade-golang-raceoracle-linux-upgrade-golang-srcoracle-linux-upgrade-golang-testsoracle-linux-upgrade-go-rpm-macrosoracle-linux-upgrade-go-rpm-templatesoracle-linux-upgrade-go-srpm-macrosoracle-linux-upgrade-go-toolset
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.