vulnerability
SUSE: CVE-2025-47906: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | Aug 12, 2025 | Dec 5, 2025 | Dec 5, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
Aug 12, 2025
Added
Dec 5, 2025
Modified
Dec 5, 2025
Description
If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
Solutions
suse-upgrade-go1-23suse-upgrade-go1-23-docsuse-upgrade-go1-23-opensslsuse-upgrade-go1-23-openssl-docsuse-upgrade-go1-23-openssl-racesuse-upgrade-go1-23-racesuse-upgrade-go1-24suse-upgrade-go1-24-docsuse-upgrade-go1-24-libstdsuse-upgrade-go1-24-opensslsuse-upgrade-go1-24-openssl-docsuse-upgrade-go1-24-openssl-racesuse-upgrade-go1-24-racesuse-upgrade-go1-25suse-upgrade-go1-25-docsuse-upgrade-go1-25-libstdsuse-upgrade-go1-25-opensslsuse-upgrade-go1-25-openssl-docsuse-upgrade-go1-25-openssl-racesuse-upgrade-go1-25-race
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.