Search for packages
| purl | pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5q9b-a7c4-1yht | golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip |
CVE-2025-61728
|
| VCID-9ky3-s2vk-cuge | golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs |
CVE-2025-61727
|
| VCID-csmt-e61b-tued | cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive |
CVE-2025-61731
|
| VCID-dp1t-v58b-43du | crypto/tls: Unexpected session resumption in crypto/tls |
CVE-2025-68121
|
| VCID-dtt9-gmqf-nbaf | golang: net/url: Memory exhaustion in query parameter parsing in net/url |
CVE-2025-61726
|
| VCID-hay4-q9m3-ekdj | crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate |
CVE-2025-61729
|
| VCID-je6z-v5qw-ufew | During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake. |
CVE-2025-61730
|
| VCID-wchc-as62-1fae | cmd/go: cmd/go: Local code execution and arbitrary file write via malicious module version strings |
CVE-2025-68119
|