Details:
The golang packages provide the Go programming language compiler.
Security Fix(es):
cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)
net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
0:1.25.8-1.el9_60:1.25.8-1.el9_60:1.25.8-1.el9_60:1.25.8-1.el9_60:1.25.8-1.el9_60:1.25.8-1.el9_60:1.25.8-1.el9_60:1.25.8-1.el9_6Exploitability
AV:LAC:LPR:NUI:RScope
S:CImpact
C:HI:HA:H8.6/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H