CVE-2025-58189

Опубликовано: 29 окт. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.

Ссылки

EPSS

Процентиль: 7%

0.00029

Низкий

5.3 Medium

CVSS3

Дефекты

Связанные уязвимости

CVE-2025-58189

CVSS3: 5.3

ubuntu

27 дней назад

[crypto/tls: ALPN negotiation errors can contain arbitrary text]

CVE-2025-58189

CVSS3: 5.3

debian

7 дней назад

When Conn.Handshake fails during ALPN negotiation the error contains a ...

GHSA-cxq7-xw9v-rcv3

CVSS3: 5.3

github

7 дней назад

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.

SUSE-SU-2025:3682-1

suse-cvrf

16 дней назад

Security update for go1.24

SUSE-SU-2025:03547-1

suse-cvrf

26 дней назад

Security update for go1.25

EPSS

Процентиль: 7%

0.00029

Низкий

5.3 Medium

CVSS3