GO-2025-3816
- Source
- https://pkg.go.dev/vuln/GO-2025-3816
- Import Source
- https://vuln.go.dev/ID/GO-2025-3816.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2025-3816
- Aliases
- Published
- 2025-07-29T18:49:33Z
- Modified
- 2025-07-29T19:12:15.889898Z
- Summary
- apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files in chainguard.dev/apko
- Details
-
apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files in chainguard.dev/apko
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2025-3816" }- References
-
- https://github.com/chainguard-dev/apko/security/advisories/GHSA-x6ph-r535-3vjw
- https://nvd.nist.gov/vuln/detail/CVE-2025-53945
- https://github.com/chainguard-dev/apko/commit/04f37e2d50d5a502e155788561fb7d40de705bd9
- https://github.com/chainguard-dev/apko/commit/aedb0772d6bf6e74d8f17690946dbc791d0f6af3
- https://github.com/chainguard-dev/apko/releases/tag/v0.29.5
Affected packages
Go / chainguard.dev/apko
Package
- Name
- chainguard.dev/apko
- View open source insights on deps.dev
- Purl
- pkg:golang/chainguard.dev/apko