CNNVD-202510-3926 Information

CNNVD ID

CNNVD-202510-3926

Related CVE

CVE-2025-58188

• CNNVD Published: 2025-10-29

Description (Chinese)

Google Go encoding是美国谷歌（Google）公司的一个基于Go语言为数据提供多种形式编码的代码库。 Google Go encoding存在安全漏洞，该漏洞源于验证包含DSA公钥的证书链时接口转换错误，可能导致程序崩溃。

Description (English)

Google Go encoding is a Google-based code library that provides multiple forms of coding for data in Go language. Google Go encoding has a security loophole, which results from an error in the interface conversion when the certificate chain containing the DSA public key is validated, which could lead to a collapse of the program.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-10-29

Last Modified

2026-02-24

References

https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://pkg.go.dev/vuln/GO-2025-4013 https://go.dev/cl/709853 https://go.dev/issue/75675 https://access.redhat.com/security/cve/cve-2025-58188

Patch

https://go.dev/dl/