vulnerability
Red Hat: CVE-2025-61729: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Dec 2, 2025 | Jan 22, 2026 | Feb 10, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Dec 2, 2025
Added
Jan 22, 2026
Modified
Feb 10, 2026
Description
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Solutions
redhat-upgrade-delveredhat-upgrade-delve-debuginforedhat-upgrade-delve-debugsourceredhat-upgrade-go-toolsetredhat-upgrade-golangredhat-upgrade-golang-binredhat-upgrade-golang-docsredhat-upgrade-golang-github-openprinting-ipp-usb-debugsourceredhat-upgrade-golang-miscredhat-upgrade-golang-raceredhat-upgrade-golang-srcredhat-upgrade-golang-testsredhat-upgrade-grafanaredhat-upgrade-grafana-debuginforedhat-upgrade-grafana-debugsourceredhat-upgrade-grafana-pcpredhat-upgrade-grafana-pcp-debuginforedhat-upgrade-grafana-pcp-debugsourceredhat-upgrade-grafana-selinuxredhat-upgrade-ipp-usbredhat-upgrade-ipp-usb-debuginforedhat-upgrade-opentelemetry-collector
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.