VDB

GCVE-110-MAGEIA-2025-256

GCVE-110-MAGEIA-2025-256
Advisory Published
Vulnetix · Advisory published November 4, 2025
Insufficient validation of bracketed IPv6 hostnames in net/url. (CVE-2025-47912) Unbounded allocation when parsing GNU sparse map in archive/tar. (CVE-2025-58183) Parsing DER payload can cause memory exhaustion in encoding/asn1. (CVE-2025-58185) Lack of limit when parsing cookies can cause memory exhaustion in net/http. (CVE-2025-58186) Quadratic complexity when checking name constraints in crypto/x509. (CVE-2025-58187) Panic when validating certificates with DSA public keys in crypto/x509. (CVE-2025-58188) ALPN negotiation error contains attacker controlled information in crypto/tls. (CVE-2025-58189) Quadratic complexity when parsing some invalid inputs in encoding/pem. (CVE-2025-61723) Excessive CPU consumption in Reader.ReadResponse in net/textproto. (CVE-2025-61724) Excessive CPU consumption in ParseAddress in net/mail. (CVE-2025-61725) These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt.

Affected Products

VendorProductVersionsPlatforms
Mageiagolang1.24.9-1.mga9 (unaffected), 0 (affected)
Oracle Cloudfunctions
Azurefunctions

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›