CVE-2025-68120

Medium CVSS: 5.4

To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.

Vendor

Product

CWE

Yayın Tarihi

2025-12-30 00:15:52

Güncelleme

2026-01-06 16:17:16

Source Identifier

security@golang.org

KEV Date Added

NVD-CWE-noinfo Go MEDIUM Go 2025

https://groups.google.com/g/golang-dev/c/CHG4qfcicBU/m/4tanFUymDQAJ https://nvd.nist.gov/vuln/detail/CVE-2025-68120 https://pkg.go.dev/vuln/GO-2025-4249

Medium

CVE-2025-58190

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can…

Medium

CVE-2025-47911

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which…

High

CVE-2025-47913

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the cl…

High

CVE-2025-22868

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

High

CVE-2025-22869

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which comp…