VDB
GCVE-110-MAGEIA-2025-256
GCVE-110-MAGEIA-2025-256
Advisory Published
Insufficient validation of bracketed IPv6 hostnames in net/url.
(CVE-2025-47912)
Unbounded allocation when parsing GNU sparse map in archive/tar.
(CVE-2025-58183)
Parsing DER payload can cause memory exhaustion in encoding/asn1.
(CVE-2025-58185)
Lack of limit when parsing cookies can cause memory exhaustion in
net/http. (CVE-2025-58186)
Quadratic complexity when checking name constraints in crypto/x509.
(CVE-2025-58187)
Panic when validating certificates with DSA public keys in crypto/x509.
(CVE-2025-58188)
ALPN negotiation error contains attacker controlled information in
crypto/tls. (CVE-2025-58189)
Quadratic complexity when parsing some invalid inputs in encoding/pem.
(CVE-2025-61723)
Excessive CPU consumption in Reader.ReadResponse in net/textproto.
(CVE-2025-61724)
Excessive CPU consumption in ParseAddress in net/mail. (CVE-2025-61725)
These packages fix the issues for the compiler only; applications using the
functions still need to be rebuilt.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | golang | 1.24.9-1.mga9 (unaffected), 0 (affected) | — |
| Oracle Cloud | functions | — | — |
| Azure | functions | — | — |
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.