VDB
GO-2025-3488
GO-2025-3488
PUBLISHED
Unexpected memory consumption during token parsing in golang.org/x/oauth2
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| golang.org | x/oauth2 | 0, 0 |
Timeline
- Feb 26, 2025 CVE Published
- Mar 24, 2026 CVE Updated
References
- https://go.dev/cl/652155 patch
- https://go.dev/issue/71490 report