CVE-2025-0913

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-0913

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0913.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-0913

Aliases

Downstream

BELL-CVE-2025-0913

CLEANSTART-2026-BY71381

CLEANSTART-2026-CV28298

CLEANSTART-2026-WK88787

ECHO-6c2b-4775-07f5

MINI-2725-w8cw-3jqv

MINI-47jr-4hq5-qhwf

MINI-48q5-3mw4-65cx

MINI-4r87-p4g4-6m3h

MINI-5p5m-vmhp-r6pq

MINI-63pf-9wv7-cj5f

MINI-67q6-mc94-48c2

MINI-68wh-hqw7-ghg6

MINI-6gcw-rxcx-9vm6

MINI-6mpx-33hg-cj3p

MINI-6pvr-r6mp-9fw8

MINI-75xv-8887-vjjp

MINI-84w8-7227-g875

MINI-8p47-xwrv-746c

MINI-8r52-wxqh-6fhj

MINI-8rfh-22c5-44w5

MINI-92fq-whg4-xjrp

MINI-95cx-7j92-cjfg

MINI-96vj-f6vw-5qvc

MINI-9c6r-7jx6-qfcf

MINI-9q54-qc5w-2589

MINI-c3gm-f368-xrr4

MINI-c8rf-54jw-44r6

MINI-cg2h-jg4w-5jh6

MINI-f2gx-v3j4-f3v8

MINI-frc3-9xf6-2x25

MINI-g6f2-2rvw-q49f

MINI-g89h-hwfm-684r

MINI-hqj6-qcvf-99jm

MINI-j286-79mg-mcvp

MINI-jwv9-v38x-qx6r

MINI-m6w9-hp59-c6w8

MINI-p6wv-j3fq-fmr4

MINI-pv95-6m6r-68m4

MINI-q5rq-pq36-3wxm

MINI-q8r8-8f53-wp2m

MINI-qj5w-9pxj-f4gc

MINI-qmp6-hr87-26pp

MINI-qw5j-w5m9-x9w7

MINI-rcwq-ggwq-fm4f

MINI-rmx7-qh6f-96vh

MINI-rrcf-q9rw-5h2q

MINI-v98w-p57r-wg8q

MINI-vf2v-9jj6-q647

MINI-vg39-9p74-hhg9

MINI-wpxc-qxgv-2chc

MINI-wv7h-5pvg-mwq6

MINI-x84w-6m68-3jcg

MINI-x8mx-99h4-4mr4

SUSE-SU-2025:01846-1

SUSE-SU-2025:01848-1

SUSE-SU-2025:03158-1

SUSE-SU-2025:03159-1

UBUNTU-CVE-2025-0913

Related

Published

2025-06-11T18:15:24.627Z

Modified

2026-02-14T01:10:45.199631Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

os.OpenFile(path, os.OCREATE|OEXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with OCREATE and OEXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the OCREATE and OEXCL flags are both set and the target path is a symlink.

References

Affected packages

Git / github.com/golang/go

Affected ranges

Type: GIT
Repo: https://github.com/golang/go
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d375ae50633cdf1cd8536f2a199c382f9053b638

Introduced

3901409b5d0fb7c85a3e6730a59943cc93b2835c

Fixed

6796ebb2cb66b316a07998cdcd69b1c486b8579e

Affected versions

go1.*

go1.24.0

go1.24.1

go1.24.2

go1.24.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0913.json"