{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0913", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2025-01-30T21:52:33.447Z", "datePublished": "2025-06-11T17:17:25.606Z", "dateUpdated": "2025-06-11T17:37:52.111Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2025-06-11T17:17:25.606Z"}, "title": "Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall", "descriptions": [{"lang": "en", "value": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink."}], "affected": [{"vendor": "Go standard library", "product": "syscall", "collectionURL": "https://pkg.go.dev", "packageName": "syscall", "versions": [{"version": "0", "lessThan": "1.23.10", "status": "affected", "versionType": "semver"}, {"version": "1.24.0-0", "lessThan": "1.24.4", "status": "affected", "versionType": "semver"}], "platforms": ["windows"], "programRoutines": [{"name": "Open"}], "defaultStatus": "unaffected"}, {"vendor": "Go standard library", "product": "os", "collectionURL": "https://pkg.go.dev", "packageName": "os", "versions": [{"version": "0", "lessThan": "1.23.10", "status": "affected", "versionType": "semver"}, {"version": "1.24.0-0", "lessThan": "1.24.4", "status": "affected", "versionType": "semver"}], "platforms": ["windows"], "programRoutines": [{"name": "OpenFile"}, {"name": "Root.OpenFile"}, {"name": "Chdir"}, {"name": "Chmod"}, {"name": "Chown"}, {"name": "CopyFS"}, {"name": "Create"}, {"name": "CreateTemp"}, {"name": "File.ReadDir"}, {"name": "File.Readdir"}, {"name": "File.Readdirnames"}, {"name": "Getwd"}, {"name": "Lchown"}, {"name": "Link"}, {"name": "Lstat"}, {"name": "Mkdir"}, {"name": "MkdirAll"}, {"name": "MkdirTemp"}, {"name": "NewFile"}, {"name": "Open"}, {"name": "OpenInRoot"}, {"name": "OpenRoot"}, {"name": "Pipe"}, {"name": "ReadDir"}, {"name": "ReadFile"}, {"name": "Remove"}, {"name": "RemoveAll"}, {"name": "Rename"}, {"name": "Root.Create"}, {"name": "Root.Lstat"}, {"name": "Root.Mkdir"}, {"name": "Root.Open"}, {"name": "Root.OpenRoot"}, {"name": "Root.Remove"}, {"name": "Root.Stat"}, {"name": "StartProcess"}, {"name": "Stat"}, {"name": "Symlink"}, {"name": "Truncate"}, {"name": "WriteFile"}, {"name": "dirFS.Open"}, {"name": "dirFS.ReadDir"}, {"name": "dirFS.ReadFile"}, {"name": "dirFS.Stat"}, {"name": "rootFS.Open"}, {"name": "rootFS.ReadDir"}, {"name": "rootFS.ReadFile"}, {"name": "rootFS.Stat"}, {"name": "unixDirent.Info"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}], "references": [{"url": "https://go.dev/cl/672396"}, {"url": "https://go.dev/issue/73702"}, {"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"}, {"url": "https://pkg.go.dev/vuln/GO-2025-3750"}], "credits": [{"lang": "en", "value": "Junyoung Park and Dong-uk Kim of KAIST Hacking Lab"}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-06-11T17:35:44.313980Z", "id": "CVE-2025-0913", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-11T17:37:52.111Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-0913", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-11T17:35:44.313980Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-11T17:37:22.578Z"}}], "cna": {"title": "Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall", "credits": [{"lang": "en", "value": "Junyoung Park and Dong-uk Kim of KAIST Hacking Lab"}], "affected": [{"vendor": "Go standard library", "product": "syscall", "versions": [{"status": "affected", "version": "0", "lessThan": "1.23.10", "versionType": "semver"}, {"status": "affected", "version": "1.24.0-0", "lessThan": "1.24.4", "versionType": "semver"}], "platforms": ["windows"], "packageName": "syscall", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "Open"}]}, {"vendor": "Go standard library", "product": "os", "versions": [{"status": "affected", "version": "0", "lessThan": "1.23.10", "versionType": "semver"}, {"status": "affected", "version": "1.24.0-0", "lessThan": "1.24.4", "versionType": "semver"}], "platforms": ["windows"], "packageName": "os", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "OpenFile"}, {"name": "Root.OpenFile"}, {"name": "Chdir"}, {"name": "Chmod"}, {"name": "Chown"}, {"name": "CopyFS"}, {"name": "Create"}, {"name": "CreateTemp"}, {"name": "File.ReadDir"}, {"name": "File.Readdir"}, {"name": "File.Readdirnames"}, {"name": "Getwd"}, {"name": "Lchown"}, {"name": "Link"}, {"name": "Lstat"}, {"name": "Mkdir"}, {"name": "MkdirAll"}, {"name": "MkdirTemp"}, {"name": "NewFile"}, {"name": "Open"}, {"name": "OpenInRoot"}, {"name": "OpenRoot"}, {"name": "Pipe"}, {"name": "ReadDir"}, {"name": "ReadFile"}, {"name": "Remove"}, {"name": "RemoveAll"}, {"name": "Rename"}, {"name": "Root.Create"}, {"name": "Root.Lstat"}, {"name": "Root.Mkdir"}, {"name": "Root.Open"}, {"name": "Root.OpenRoot"}, {"name": "Root.Remove"}, {"name": "Root.Stat"}, {"name": "StartProcess"}, {"name": "Stat"}, {"name": "Symlink"}, {"name": "Truncate"}, {"name": "WriteFile"}, {"name": "dirFS.Open"}, {"name": "dirFS.ReadDir"}, {"name": "dirFS.ReadFile"}, {"name": "dirFS.Stat"}, {"name": "rootFS.Open"}, {"name": "rootFS.ReadDir"}, {"name": "rootFS.ReadFile"}, {"name": "rootFS.Stat"}, {"name": "unixDirent.Info"}]}], "references": [{"url": "https://go.dev/cl/672396"}, {"url": "https://go.dev/issue/73702"}, {"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"}, {"url": "https://pkg.go.dev/vuln/GO-2025-3750"}], "descriptions": [{"lang": "en", "value": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}], "providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2025-06-11T17:17:25.606Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0913", "state": "PUBLISHED", "dateUpdated": "2025-06-11T17:37:52.111Z", "dateReserved": "2025-01-30T21:52:33.447Z", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "datePublished": "2025-06-11T17:17:25.606Z", "assignerShortName": "Go"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "E629E4E8-C3BF-4BCA-969A-7F88BB968232", "versionEndExcluding": "1.23.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "0925799A-339C-4155-ABC6-E772A0EB73B4", "versionEndExcluding": "1.24.4", "versionStartIncluding": "1.24.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink."}, {"lang": "es", "value": "os.OpenFile(path, os.O_CREATE|O_EXCL) se comportaba de forma diferente en sistemas Unix y Windows cuando la ruta de destino era un enlace simb\u00f3lico pendiente. En sistemas Unix, OpenFile con los indicadores O_CREATE y O_EXCL nunca sigue enlaces simb\u00f3licos. En Windows, cuando la ruta de destino era un enlace simb\u00f3lico a una ubicaci\u00f3n inexistente, OpenFile creaba un archivo en esa ubicaci\u00f3n. OpenFile ahora siempre devuelve un error cuando los indicadores O_CREATE y O_EXCL est\u00e1n activados y la ruta de destino es un enlace simb\u00f3lico."}], "id": "CVE-2025-0913", "lastModified": "2025-08-08T14:53:03.550", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-06-11T18:15:24.627", "references": [{"source": "security@golang.org", "tags": ["Issue Tracking"], "url": "https://go.dev/cl/672396"}, {"source": "security@golang.org", "tags": ["Issue Tracking"], "url": "https://go.dev/issue/73702"}, {"source": "security@golang.org", "tags": ["Mailing List"], "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"}, {"source": "security@golang.org", "tags": ["Vendor Advisory"], "url": "https://pkg.go.dev/vuln/GO-2025-3750"}], "sourceIdentifier": "security@golang.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}