vulnerability

SUSE: CVE-2025-46816: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:P)	May 21, 2025	Dec 5, 2025	Dec 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:P)

Published

May 21, 2025

Added

Dec 5, 2025

Modified

Dec 5, 2025

Description

goshs is a SimpleHTTPServer written in Go. Starting in version 0.3.4 and prior to version 1.0.5, running goshs without arguments makes it possible for anyone to execute commands on the server. The function `dispatchReadPump` does not checks the option cli `-c`, thus allowing anyone to execute arbitrary command through the use of websockets. Version 1.0.5 fixes the issue.

Solution

suse-upgrade-govulncheck-vulndb

References

CVE-2025-46816
https://attackerkb.com/topics/CVE-2025-46816
CWE-284
CWE-77

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today