Zurück zur CVE-Übersicht
CVE-2025-61732
HIGH(8.6)CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Risk Signal Score22/100 — NIEDRIG
- CVSS 8.6 — Hoch
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
8.6
Technische Schwere
Beschreibung
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
Referenzen
- https://go.dev/cl/734220
- https://go.dev/issue/76697
- https://groups.google.com/g/golang-announce/c/K09ubi9FQFk
- https://pkg.go.dev/vuln/GO-2026-4433
- https://access.redhat.com/errata/RHSA-2026:10104
- https://access.redhat.com/errata/RHSA-2026:12282
- https://access.redhat.com/errata/RHSA-2026:14100
- https://access.redhat.com/errata/RHSA-2026:14774
- https://access.redhat.com/errata/RHSA-2026:15091
- https://access.redhat.com/errata/RHSA-2026:17598