{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T07:48:11.876","vulnerabilities":[{"cve":{"id":"CVE-2024-8244","sourceIdentifier":"security@golang.org","published":"2025-08-06T16:15:28.080","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress."},{"lang":"es","value":"Las funciones filepath.Walk y filepath.WalkDir están documentadas como que no siguen enlaces simbólicos, pero ambas funciones son susceptibles a una condición de ejecución TOCTOU (tiempo de verificación/tiempo de uso) donde una parte de la ruta que se está recorriendo se reemplaza con un enlace simbólico mientras el recorrido está en progreso."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}]},"references":[{"url":"https://go.dev/issue/70007","source":"security@golang.org"},{"url":"https://pkg.go.dev/vuln/GO-2025-9999","source":"security@golang.org"}]}}]}