Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-47907
Analyzed
More InfoOfficial Page
Source-security@golang.org
View Known Exploited Vulnerability (KEV) details
Published At-07 Aug, 2025 | 16:15
Updated At-29 Jan, 2026 | 19:11

Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.0HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
CPE Matches
Go
golang
>>go>>Versions before 1.23.12(exclusive)
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Go
golang
>>go>>Versions from 1.24.0(inclusive) to 1.24.6(exclusive)
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-362Primarynvd@nist.gov
CWE ID: CWE-362
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://go.dev/cl/693735security@golang.org
Patch
https://go.dev/issue/74831security@golang.org
Issue Tracking
Third Party Advisory
https://groups.google.com/g/golang-announce/c/x5MKroML2yMsecurity@golang.org
Mailing List
Release Notes
https://pkg.go.dev/vuln/GO-2025-3849security@golang.org
Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/08/06/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Release Notes
Hyperlink: https://go.dev/cl/693735
Source: security@golang.org
Resource:
Patch
Hyperlink: https://go.dev/issue/74831
Source: security@golang.org
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://groups.google.com/g/golang-announce/c/x5MKroML2yM
Source: security@golang.org
Resource:
Mailing List
Release Notes
Hyperlink: https://pkg.go.dev/vuln/GO-2025-3849
Source: security@golang.org
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2025/08/06/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Release Notes
Change History
0Changes found
Details not found