CNNVD-202510-3923 Information

CNNVD ID

CNNVD-202510-3923

Related CVE

CVE-2025-61723

• CNNVD Published: 2025-10-29

Description (Chinese)

Google Go encoding是美国谷歌（Google）公司的一个基于Go语言为数据提供多种形式编码的代码库。 Google Go encoding存在安全漏洞，该漏洞源于解析某些无效输入时处理时间与输入大小非线性相关，可能导致拒绝服务攻击。

Description (English)

Google Go encoding is a Google-based code library that provides multiple forms of coding for data in Go language. There is a security loophole in Google Go encoding, which results from the analysis of the non-linearness of the processing time associated with input size at the time of some invalid input, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-10-29

Last Modified

2026-02-24

References

https://pkg.go.dev/vuln/GO-2025-4009 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://go.dev/cl/709858 https://go.dev/issue/75676 https://access.redhat.com/security/cve/cve-2025-61723

Patch

https://go.dev/dl/