CNNVD-202510-3929 Information

CNNVD ID

CNNVD-202510-3929

Related CVE

CVE-2025-58185

• CNNVD Published: 2025-10-29

Description (Chinese)

Google Go是美国谷歌（Google）公司的一种静态强类型、编译型、并发型，并具有垃圾回收功能的编程语言。 Google Go存在安全漏洞，该漏洞源于解析特制DER有效载荷时可能分配大量内存，导致内存耗尽。

Description (English)

Google Go is a static type, compiler, hairdresser of Google and a programme language with a garbage recovery function. There is a security loophole in Google Go, which results from the potential to allocate large amounts of memory when the specially designed DER payload is analyzed, leading to depletion of the memory.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-10-29

Last Modified

2026-02-24

References

https://go.dev/cl/709856 https://go.dev/issue/75671 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://pkg.go.dev/vuln/GO-2025-4011

Patch

https://go.dev/dl/