CVE-2025-22867 | Google Go 1.24rc2 cmd-go executable_path/loader_path/rpath command injection

Inserito da Angelo Barbosa | Feb 6, 2025 | CVE

A vulnerability classified as critical has been found in Google Go 1.24rc2. Affected is an unknown function of the component cmd-go. The manipulation of the argument executable_path/loader_path/rpath leads to command injection.

This vulnerability is traded as CVE-2025-22867. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-22867 | Google Go 1.24rc2 cmd-go executable_path/loader_path/rpath command injection

Post correlati

CVE-2023-49165 | Real Big Plugins Client Dash Plugin up to 2.2.1 on WordPress cross site scripting

CVE-2024-45654 | IBM Security ReaQta 3.12 reliance on untrusted inputs in a security decision

CVE-2023-42662 | JFrog Artifactory up to 7.59.17/7.63.17/7.68.18/7.71.7 URL information disclosure

CVE-2024-23290 | Apple macOS access control