go-filesystem (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package go-filesystem, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2025-61726 — CVSS 7.5 (high): The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs…
CVE-2026-25679 — CVSS 7.5 (high): url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
CVE-2025-47906 — CVSS 6.5 (medium): If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath…