CVE-2025-61725
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-12-09
Assigner: Go Project
Description
Description
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| golang | go | From 1.25.0 (inc) to 1.25.2 (inc) |
| golang | go | 1.25.2 |
| golang | go | 1.24.8 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the ParseAddress function, which constructs domain-literal address components by repeatedly concatenating strings. When it processes large domain-literal components, this repeated concatenation can lead to excessive CPU usage.
How can this vulnerability impact me? :
The vulnerability can cause excessive CPU consumption when parsing large domain-literal address components, potentially leading to performance degradation or denial of service due to resource exhaustion.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70