{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-22873", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2025-01-08T19:11:42.835Z", "datePublished": "2026-02-04T23:05:24.803Z", "dateUpdated": "2026-02-05T15:03:55.451Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-02-04T23:05:24.803Z"}, "title": "Improper access to parent directory of root in os", "descriptions": [{"lang": "en", "value": "It was possible to improperly access the parent directory of an os.Root by opening a filename ending in \"../\". For example, Root.Open(\"../\") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent."}], "affected": [{"vendor": "Go standard library", "product": "os", "collectionURL": "https://pkg.go.dev", "packageName": "os", "versions": [{"version": "0", "lessThan": "1.23.9", "status": "affected", "versionType": "semver"}, {"version": "1.24.0-0", "lessThan": "1.24.3", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "splitPathInRoot"}, {"name": "checkPathEscapesInternal"}, {"name": "doInRoot"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-23: Relative Path Traversal"}]}], "references": [{"url": "https://go.dev/cl/670036"}, {"url": "https://go.dev/issue/73555"}, {"url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4403"}], "credits": [{"lang": "en", "value": "Dan Sebastian Thrane of SDU eScience Center"}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/05/06/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-02-04T23:08:02.625Z"}}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-23", "lang": "en", "description": "CWE-23 Relative Path Traversal"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-05T15:03:11.291122Z", "id": "CVE-2025-22873", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-05T15:03:55.451Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/05/06/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-02-04T23:08:02.625Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-22873", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-05T15:03:11.291122Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-23", "description": "CWE-23 Relative Path Traversal"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-05T15:01:19.064Z"}}], "cna": {"title": "Improper access to parent directory of root in os", "credits": [{"lang": "en", "value": "Dan Sebastian Thrane of SDU eScience Center"}], "affected": [{"vendor": "Go standard library", "product": "os", "versions": [{"status": "affected", "version": "0", "lessThan": "1.23.9", "versionType": "semver"}, {"status": "affected", "version": "1.24.0-0", "lessThan": "1.24.3", "versionType": "semver"}], "packageName": "os", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "splitPathInRoot"}, {"name": "checkPathEscapesInternal"}, {"name": "doInRoot"}]}], "references": [{"url": "https://go.dev/cl/670036"}, {"url": "https://go.dev/issue/73555"}, {"url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4403"}], "descriptions": [{"lang": "en", "value": "It was possible to improperly access the parent directory of an os.Root by opening a filename ending in \"../\". For example, Root.Open(\"../\") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-23: Relative Path Traversal"}]}], "providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-02-04T23:05:24.803Z"}}}, "cveMetadata": {"cveId": "CVE-2025-22873", "state": "PUBLISHED", "dateUpdated": "2026-02-05T15:03:55.451Z", "dateReserved": "2025-01-08T19:11:42.835Z", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "datePublished": "2026-02-04T23:05:24.803Z", "assignerShortName": "Go"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A122760-875E-46BB-9B57-DB449401ABB4", "versionEndExcluding": "1.23.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "97948C01-99E9-49E8-84C6-0E9AFE120C80", "versionEndExcluding": "1.24.3", "versionStartIncluding": "1.24.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was possible to improperly access the parent directory of an os.Root by opening a filename ending in \"../\". For example, Root.Open(\"../\") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent."}], "id": "CVE-2025-22873", "lastModified": "2026-02-10T15:16:40.057", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-04T23:15:54.220", "references": [{"source": "[email protected]", "tags": ["Patch", "Product"], "url": "https://go.dev/cl/670036"}, {"source": "[email protected]", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://go.dev/issue/73555"}, {"source": "[email protected]", "tags": ["Mailing List", "Release Notes"], "url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ"}, {"source": "[email protected]", "tags": ["Vendor Advisory", "Issue Tracking"], "url": "https://pkg.go.dev/vuln/GO-2026-4403"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2025/05/06/2"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-23"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "os: os: Information disclosure via path traversal using specially crafted filenames", "id": "2436992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436992"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-22", "details": ["It was possible to improperly access the parent directory of an os.Root by opening a filename ending in \"../\". For example, Root.Open(\"../\") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent.", "A path traversal vulnerability has been identified in the Go os package affecting the Root abstraction, where improper handling of trailing path separators could allow access to the parent directory of a configured root directory. By supplying a filename ending in \"../\", an attacker may be able to open the immediate parent directory of the intended Root. Although this escape does not allow traversal to higher-level ancestors or direct access to files within the parent directory, it may expose directory metadata or unintended filesystem structure if the application passes untrusted path input to Root.Open."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."}, "name": "CVE-2025-22873", "package_state": [{"cpe": "cpe:/a:redhat:amq_clients:2023", "fix_state": "Fix deferred", "package_name": "python3-qpid-proton", "product_name": "AMQ Clients"}, {"cpe": "cpe:/a:redhat:amq_clients:2023", "fix_state": "Fix deferred", "package_name": "qpid-proton", "product_name": "AMQ Clients"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Fix deferred", "package_name": "rhai/assisted-installer-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Fix deferred", "package_name": "openshift-builds/openshift-builds-waiters-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "package_name": "cert-manager/jetstack-cert-manager-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_compliance_operator:1", "fix_state": "Fix deferred", "package_name": "compliance/openshift-compliance-operator-bundle", "product_name": "Compliance Operator"}, {"cpe": "cpe:/a:redhat:confidential_compute_attestation:1", "fix_state": "Fix deferred", "package_name": "build-of-trustee/trustee-rhel9-operator", "product_name": "Confidential Compute Attestation"}, {"cpe": "cpe:/a:redhat:confidential_compute_attestation:1", "fix_state": "Fix deferred", "package_name": "openshift-sandboxed-containers/osc-monitor-rhel9", "product_name": "Confidential Compute Attestation"}, {"cpe": "cpe:/a:redhat:cryostat:4", "fix_state": "Fix deferred", "package_name": "cryostat/cryostat-storage-rhel9", "product_name": "Cryostat 4"}, {"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Fix deferred", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:deployment_validator_operator", "fix_state": "Fix deferred", "package_name": "dvo/deployment-validation-rhel8-operator", "product_name": "Deployment Validation Operator"}, {"cpe": "cpe:/a:redhat:ext_dns_optr:1", "fix_state": "Fix deferred", "package_name": "edo/external-dns-rhel8", "product_name": "ExternalDNS Operator"}, {"cpe": "cpe:/a:redhat:ext_dns_optr:1", "fix_state": "Fix deferred", "package_name": "edo/external-dns-rhel9", "product_name": "ExternalDNS Operator"}, {"cpe": "cpe:/a:redhat:external_secrets_operator:1", "fix_state": "Fix deferred", "package_name": "external-secrets-operator/external-secrets-rhel9", "product_name": "External Secrets Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:workload_availability_far:0", "fix_state": "Fix deferred", "package_name": "workload-availability/fence-agents-remediation-rhel8-operator", "product_name": "Fence Agents Remediation Operator"}, {"cpe": "cpe:/a:redhat:openshift_file_integrity_operator:1", "fix_state": "Fix deferred", "package_name": "compliance/openshift-compliance-operator-bundle", "product_name": "File Integrity Operator"}, {"cpe": "cpe:/a:redhat:gatekeeper:3", "fix_state": "Fix deferred", "package_name": "gatekeeper/gatekeeper-rhel9-operator", "product_name": "Gatekeeper 3"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Fix deferred", "package_name": "openshift-logging/logging-loki-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/eventrouter-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:lvms:4", "fix_state": "Fix deferred", "package_name": "lvms4/lvms-rhel9-operator", "product_name": "Logical Volume Manager Storage"}, {"cpe": "cpe:/a:redhat:lvms:4", "fix_state": "Fix deferred", "package_name": "lvms4/topolvm-rhel8", "product_name": "Logical Volume Manager Storage"}, {"cpe": "cpe:/a:redhat:lvms:4", "fix_state": "Fix deferred", "package_name": "lvms4/topolvm-rhel9", "product_name": "Logical Volume Manager Storage"}, {"cpe": "cpe:/a:redhat:workload_availability_mdr:0", "fix_state": "Fix deferred", "package_name": "workload-availability/machine-deletion-remediation-rhel8-operator", "product_name": "Machine Deletion Remediation Operator"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:8", "fix_state": "Fix deferred", "package_name": "mta/mta-cli-rhel9", "product_name": "Migration Toolkit for Applications 8"}, {"cpe": "cpe:/a:redhat:rhmt:1", "fix_state": "Fix deferred", "package_name": "rhmtc/openshift-migration-registry-rhel8", "product_name": "Migration Toolkit for Containers"}, {"cpe": "cpe:/a:redhat:mirror_registry:1", "fix_state": "Fix deferred", "package_name": "openshift/mirror-registry-rhel8", "product_name": "mirror registry for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:mirror_registry:2", "fix_state": "Fix deferred", "package_name": "openshift/mirror-registry-rhel8", "product_name": "mirror registry for Red Hat OpenShift 2"}, {"cpe": "cpe:/a:redhat:multiarch_tuning_operator", "fix_state": "Fix deferred", "package_name": "multiarch-tuning/multiarch-tuning-rhel9-operator", "product_name": "Multiarch Tuning Operator"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Fix deferred", "package_name": "multicluster-engine/discovery-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Fix deferred", "package_name": "multicluster-globalhub/multicluster-globalhub-agent-rhel9", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Fix deferred", "package_name": "network-observability/network-observability-cli-rhel9", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nhc:0", "fix_state": "Fix deferred", "package_name": "workload-availability/node-healthcheck-rhel8-operator", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Fix deferred", "package_name": "oadp/oadp-velero-rhel9", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "helm", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "ocp-tools-4/jenkins-agent-base-rhel9", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "ocp-tools-4/jenkins-rhel8", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "ocp-tools-4/jenkins-rhel9", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "openshift4/ose-jenkins", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Fix deferred", "package_name": "openshift-lightspeed/lightspeed-rhel9-operator", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Fix deferred", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "kn-workflow-plugin", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-plugin-event-sender-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-clients", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:source_to_image:1", "fix_state": "Fix deferred", "package_name": "source-to-image/source-to-image-rhel8", "product_name": "OpenShift Source-to-Image (S2I)"}, {"cpe": "cpe:/a:redhat:openshift_power_monitoring", "fix_state": "Fix deferred", "package_name": "openshift-power-monitoring/kepler-rhel9", "product_name": "Power monitoring for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/3scale-rhel7-operator", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/3scale-rhel9-operator", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp26/3scale-operator", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp26/operator", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Fix deferred", "package_name": "rhacm2/subctl-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-26/receptor-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform/platform-operator-bundle", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "automation-gateway-proxy", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "automation-gateway-proxy-openssl30", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "automation-gateway-proxy-openssl32", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:apache_camel_hawtio:4", "fix_state": "Fix deferred", "package_name": "hawtio-operator-container", "product_name": "Red Hat build of Apache Camel - HawtIO 4"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Fix deferred", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Fix deferred", "package_name": "rhel8/grafana", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Fix deferred", "package_name": "rhel9/grafana", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Fix deferred", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Fix deferred", "package_name": "rhel8/grafana", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Fix deferred", "package_name": "rhel9/grafana", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:7", "fix_state": "Fix deferred", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 7"}, {"cpe": "cpe:/a:redhat:ceph_storage:8", "fix_state": "Fix deferred", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 8"}, {"cpe": "cpe:/a:redhat:certifications:9", "fix_state": "Fix deferred", "package_name": "redhat-certification-preflight", "product_name": "Red Hat Certification Program for Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:connectivity_link:1", "fix_state": "Fix deferred", "package_name": "rhcl-1/coredns-rhel9", "product_name": "Red Hat Connectivity Link 1"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/rhdh-rhel9-operator", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:edge_manager:1", "fix_state": "Fix deferred", "package_name": "rhem/flightctl-ui-rhel9", "product_name": "Red Hat Edge Manager 1"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "buildah", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "conmon", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "golang", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "python-awscrt", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "skopeo", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "trustee-guest-components", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "rhc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "rhc-worker-script", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "container-tools:rhel8/conmon", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "container-tools:rhel8/containernetworking-plugins", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "container-tools:rhel8/oci-seccomp-bpf-hook", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "container-tools:rhel8/runc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "container-tools:rhel8/skopeo", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "go-toolset:rhel8/golang", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "rhc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "buildah", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "conmon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "containernetworking-plugins", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "golang", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "golang-github-cpuguy83-md2man", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "oci-seccomp-bpf-hook", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python-awscrt", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "runc", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "skopeo", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "trustee-guest-components", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "golang", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:lightspeed_for_runtimes:1", "fix_state": "Fix deferred", "package_name": "rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator", "product_name": "Red Hat Lightspeed for Runtimes Operator"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-maas-api-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-rhel8-operator", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-rhel9-operator", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_cluster_manager_cli:1", "fix_state": "Fix deferred", "package_name": "ocm-cli-clients/ocm-cli-rhel9", "product_name": "Red Hat OpenShift Cluster Manager CLI"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "conmon", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "conmon-rs", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "containernetworking-plugins", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "cri-o", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "cri-tools", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "golang-github-prometheus-promu", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "kata-containers", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/frr-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/frr-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-sdn-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-sdn-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift-clients", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "ose-aws-ecr-image-credential-provider", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "ose-azure-acr-image-credential-provider", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "ose-gcp-gcr-image-credential-provider", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "runc", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Fix deferred", "package_name": "odf4/cephcsi-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3", "fix_state": "Fix deferred", "package_name": "devspaces/udi-rhel9", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:devworkspace", "fix_state": "Fix deferred", "package_name": "devworkspace/devworkspace-rhel9-operator", "product_name": "Red Hat OpenShift Dev Workspaces Operator"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Fix deferred", "package_name": "rhosdt/tempo-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:windows_machine_config", "fix_state": "Fix deferred", "package_name": "openshift4-wincw/windows-machine-config-rhel9-operator", "product_name": "Red Hat OpenShift for Windows Containers"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "package_name": "openshift-gitops-1/dex-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_service_on_aws:1", "fix_state": "Fix deferred", "package_name": "rosa", "product_name": "Red Hat OpenShift on AWS"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "container-native-virtualization/virt-api", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "container-native-virtualization/virt-api-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "kubevirt", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "etcd", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "golang-qpid-apache", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "qpid-proton", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "rhosp-rhel8/osp-director-agent", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "etcd", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "golang-qpid-apache", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "qpid-proton", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "rhosp-rhel9/osp-director-agent", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Fix deferred", "package_name": "rhoso-operators/sg-core-rhel9", "product_name": "Red Hat OpenStack Platform 18.0"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/clair-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-builder-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel9", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "dynflow-utils", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "rubygem-dynflow", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite-capsule:el8/dynflow-utils", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite:el8/yggdrasil-worker-forwarder", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite/iop-vmaas-rhel9", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "yggdrasil-worker-forwarder", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:service_interconnect:2", "fix_state": "Fix deferred", "package_name": "skupper-router", "product_name": "Red Hat Service Interconnect 2"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Fix deferred", "package_name": "rhtas/cosign-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:webterminal:1", "fix_state": "Fix deferred", "package_name": "web-terminal/web-terminal-exec-rhel9", "product_name": "Red Hat Web Terminal"}, {"cpe": "cpe:/a:redhat:amq_streams:3", "fix_state": "Fix deferred", "package_name": "golang-github-danielqsj-kafka_exporter", "product_name": "streams for Apache Kafka 3"}, {"cpe": "cpe:/a:redhat:zero_trust_workload_identity_manager:1", "fix_state": "Fix deferred", "package_name": "zero-trust-workload-identity-manager/spiffe-csi-driver-rhel9", "product_name": "Zero Trust Workload Identity Manager"}, {"cpe": "cpe:/a:redhat:zero_trust_workload_identity_manager:0", "fix_state": "Fix deferred", "package_name": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9", "product_name": "Zero Trust Workload Identity Manager - Tech Preview"}], "public_date": "2026-02-04T23:05:24Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-22873\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-22873\nhttp://www.openwall.com/lists/oss-security/2025/05/06/2\nhttps://go.dev/cl/670036\nhttps://go.dev/issue/73555\nhttps://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ\nhttps://pkg.go.dev/vuln/GO-2026-4403"], "statement": "Red Hat Product Security classified this issue as Moderate.\nThe flaw exists in a local filesystem abstraction within the Go standard library, it can also be exploited remotely in applications that accept attacker-controlled path input over a network and pass it to Root.Open without proper validation. The attack complexity is low, as exploitation requires only appending \"../\" to the supplied path. However, the impact is limited: the flaw permits opening only the immediate parent directory, not arbitrary filesystem locations or files contained within that directory. There is no direct impact on file integrity or application availability. These constraints limit the practical exposure of the issue while still represents a boundary bypass and may expose unintended filesystem metadata. The issue does not permit traversal beyond the parent directory, modification of files, or broader system compromise, thereby constraining its overall impact.", "threat_severity": "Moderate"}