CVE-2024-8244 Information
Aug 07, 2025
cve
Description
The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress.
Reference
https://go.dev/issue/70007 https://pkg.go.dev/vuln/GO-2025-9999
Related CNNVD
CNNVD-202508-418 (Published: 2025-08-06)
Share on: