CVE-2025-10954 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers…
Medium CVSS: 5.5

CVE-2025-10954

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse() function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range".
Vendor
Textit
Product
Phonenumbers
CWE
CWE-1286
Yayın Tarihi
2025-09-27 05:15:29
Güncelleme
2025-10-03 18:30:04
Source Identifier
report@snyk.io
KEV Date Added
-

Kategoriler

CWE-1286 Phonenumbers MEDIUM Textit 2025

Referanslar

https://github.com/nyaruka/phonenumbers/commit/0479e35488e8a002a261cdb515ef8a7f80ca37fe https://github.com/nyaruka/phonenumbers/issues/148 https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMNYARUKAPHONENUMBERS-6084070