CVE-2025-58189

Опубликовано: 31 окт. 2025

Источник: msrc

CVSS3: 7.5

EPSS Низкий

Описание

ALPN negotiation error contains attacker controlled information in crypto/tls

EPSS

Процентиль: 11%

0.00038

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2025-58189

CVSS3: 5.3

ubuntu

27 дней назад

[crypto/tls: ALPN negotiation errors can contain arbitrary text]

CVE-2025-58189

CVSS3: 5.3

nvd

7 дней назад

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.

CVE-2025-58189

CVSS3: 5.3

debian

7 дней назад

When Conn.Handshake fails during ALPN negotiation the error contains a ...

GHSA-cxq7-xw9v-rcv3

CVSS3: 5.3

github

7 дней назад

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.

SUSE-SU-2025:3682-1

suse-cvrf

16 дней назад

Security update for go1.24

EPSS

Процентиль: 11%

0.00038

Низкий

7.5 High

CVSS3