VDB

CESS-2025-58189

CESS-2025-58189 PUBLISHED CVSS 5.3 MEDIUM

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Timeline

  • Sep 30, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›