Security Advisory

CVE-2025-13425

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-20 15:30:31

Last updated 2025-11-20 16:24:21

Assigner Google

State PUBLISHED

Description

A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next() to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR.

← Browse all CVEs View on cve.org ↗