CNNVD-202511-2149 Information

CNNVD ID

CNNVD-202511-2149

Related CVE

CVE-2025-58181

• CNNVD Published: 2025-11-19

Description (Chinese)

Google Golang是美国谷歌（Google）公司的一种静态强类型、编译型语言。Go的语法接近C语言，但对于变量的声明有所不同。Go支持垃圾回收功能。Go的并行模型是以东尼·霍尔的通信顺序进程（CSP）为基础，采取类似模型的其他语言包括Occam和Limbo，但它也具有Pi运算的特征，比如通道传输。 Google Golang存在安全漏洞，该漏洞源于未验证机制数量，可能导致内存消耗过大。

Description (English)

Google Golang is a static, compiled language of Google. Go has a syntax close to the C language, but different statements for variables. Go supports garbage recycling. Go ’ s parallel model is based on Tony Hall ’ s communication sequence process (CSP) and other languages that follow similar models include Occam and Limbo, but it also has the characteristics of a Pi operation, such as channel transport. Google Golang has a security loophole, which stems from the number of unverified mechanisms, which may lead to excessive memory consumption.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-11-19

Last Modified

2026-02-24

References

https://go.dev/cl/721961 https://go.dev/issue/76363 https://pkg.go.dev/vuln/GO-2025-4134 https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA https://access.redhat.com/security/cve/cve-2025-58181 https://vigilance.fr/vulnerability/golang-org-x-crypto-overload-via-SSH-Servers-GSSAPI-Authentication-49007