CVE-2025-22868

High CVSS: 7.5

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Vendor

Product

CWE

Yayın Tarihi

2025-02-26 08:14:24

Güncelleme

2025-05-01 19:27:10

Source Identifier

security@golang.org

KEV Date Added

CWE-1286 Jws HIGH Go 2025

https://go.dev/cl/652155 https://go.dev/issue/71490 https://pkg.go.dev/vuln/GO-2025-3488

Medium

CVE-2025-58190

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can…

Medium

CVE-2025-47911

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which…

Medium

CVE-2025-68120

To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.

High

CVE-2025-47913

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the cl…

High

CVE-2025-22869

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which comp…