CNNVD-202510-3927 Information

CNNVD ID

CNNVD-202510-3927

Related CVE

CVE-2025-58187

• CNNVD Published: 2025-10-29

Description (Chinese)

Google Go是美国谷歌（Google）公司的一种静态强类型、编译型、并发型，并具有垃圾回收功能的编程语言。 Google Go存在安全漏洞，该漏洞源于名称约束检查算法设计缺陷，可能导致证书验证时间非线性增长。

Description (English)

Google Go is a static type, compiler, hairdresser of Google and a programme language with a garbage recovery function. Google Go has a security loophole, which stems from name-bound check algorithm design defects, which may lead to a non-linear increase in the time of certification.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-10-29

Last Modified

2026-02-24

References

https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://pkg.go.dev/vuln/GO-2025-4007 https://go.dev/issue/75681 https://go.dev/cl/709854 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/cve-2025-58187

Patch

https://go.dev/dl/