RHSA-2025%3A23833 — Vulnetix

RHSA-2025%3A23833 PUBLISHED CVSS 6.5 MEDIUM

Red Hat Security Advisory: go-rpm-macros security update

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected Products

Vendor	Product	Versions
Red Hat:rhel_e4s:9.2::appstream	go-rpm-macros	0, 0
Red Hat:rhel_e4s:9.2::appstream	go-srpm-macros	0, 0
Red Hat:rhel_e4s:9.2::appstream	go-filesystem	0, 0
Red Hat:rhel_e4s:9.2::appstream	go-rpm-templates	0, 0

Exploit Intelligence

AZL-67512.json (github-poc)
AZL-67512.json (github-poc)
exec.go (github-poc)

Timeline

Dec 23, 2025 CVE Published
May 1, 2026 CVE Updated
May 1, 2026 Distribution Patch
May 1, 2026 Distribution Patch
May 1, 2026 Security Advisory
May 1, 2026 Security Advisory

References

https://access.redhat.com/errata/RHSA-2025:23833 advisory
https://access.redhat.com/security/updates/classification/#moderate article
https://bugzilla.redhat.com/show_bug.cgi?id=2396546 report
https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23833.json advisory
https://access.redhat.com/security/cve/CVE-2025-47906 report
https://www.cve.org/CVERecord?id=CVE-2025-47906 advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-47906 advisory
https://go.dev/cl/691775 article
https://go.dev/issue/74466 article
https://groups.google.com/g/golang-announce/c/x5MKroML2yM article
https://pkg.go.dev/vuln/GO-2025-3956 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›