PT-2025-42742 · Unknown+4 · Golang-1.19+5

Published

2025-01-01

·

Updated

2026-05-21

·

CVE-2025-58189

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Go versions prior to 1.24.9-alt1 Fedora 42 Fedora 43
Description The issue involves a flaw in the crypto/tls component of the Go programming language. Specifically, when the Conn.Handshake process fails during ALPN (Application-Layer Protocol Negotiation), the resulting error message includes attacker-controlled data—the ALPN protocols proposed by the client—without proper sanitization. This can lead to information disclosure. The vulnerability also affects logging, as insufficient filtering or escaping of log files allows remote attackers to potentially inject or manipulate log entries. Multiple reports indicate that the vulnerability affects the Cloud SQL Proxy and is addressed in updates for Fedora.
Recommendations Upgrade Go to version 1.24.9-alt1 or later. Update kustomize to version 5.8.0. Rebuild k9s to mitigate the risk.

Fix

DoS

Insertion into Log File

Improper Neutralization

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-532CWE-707CWE-74

Related Identifiers

ALT-PU-2025-12749
ALT-PU-2025-13232
AZL-78917
BDU:2025-14526
BIT-GOLANG-2025-58189
CLEANSTART-2025-EU07511
CLEANSTART-2026-AB43319
CLEANSTART-2026-AC12204
CLEANSTART-2026-AJ16639
CLEANSTART-2026-AJ76138
CLEANSTART-2026-AQ75465
CLEANSTART-2026-AT12816
CLEANSTART-2026-BD53293
CLEANSTART-2026-BH97849
CLEANSTART-2026-BJ28314
CLEANSTART-2026-BJ35875
CLEANSTART-2026-BM53321
CLEANSTART-2026-CB01846
CLEANSTART-2026-CE02533
CLEANSTART-2026-CT39828
CLEANSTART-2026-CV29689
CLEANSTART-2026-CY03855
CLEANSTART-2026-CY44461
CLEANSTART-2026-DH72490
CLEANSTART-2026-DP30290
CLEANSTART-2026-DR75226
CLEANSTART-2026-DS01292
CLEANSTART-2026-DZ05206
CLEANSTART-2026-EC15228
CLEANSTART-2026-EE52954
CLEANSTART-2026-EL98016
CLEANSTART-2026-ER42900
CLEANSTART-2026-ER93728
CLEANSTART-2026-FF20499
CLEANSTART-2026-FF98917
CLEANSTART-2026-FM65506
CLEANSTART-2026-FS64938
CLEANSTART-2026-FU47971
CLEANSTART-2026-GJ69402
CLEANSTART-2026-GL70025
CLEANSTART-2026-GQ00159
CLEANSTART-2026-GQ03231
CLEANSTART-2026-GS02052
CLEANSTART-2026-GV62494
CLEANSTART-2026-GZ35045
CLEANSTART-2026-HA44046
CLEANSTART-2026-HW19594
CLEANSTART-2026-HX78047
CLEANSTART-2026-HY43775
CLEANSTART-2026-ID24148
CLEANSTART-2026-IG94553
CLEANSTART-2026-IO04548
CLEANSTART-2026-JD75482
CLEANSTART-2026-JJ09127
CLEANSTART-2026-JK84667
CLEANSTART-2026-JO01099
CLEANSTART-2026-JR37040
CLEANSTART-2026-JR48309
CLEANSTART-2026-JT73156
CLEANSTART-2026-JU62670
CLEANSTART-2026-JW58725
CLEANSTART-2026-KC01126
CLEANSTART-2026-KU65968
CLEANSTART-2026-KV78041
CLEANSTART-2026-KZ60560
CLEANSTART-2026-KZ63902
CLEANSTART-2026-LA67881
CLEANSTART-2026-LO42921
CLEANSTART-2026-LS98939
CLEANSTART-2026-LU21824
CLEANSTART-2026-LY33846
CLEANSTART-2026-LZ54652
CLEANSTART-2026-MA32024
CLEANSTART-2026-MF20926
CLEANSTART-2026-MI26039
CLEANSTART-2026-MJ51212
CLEANSTART-2026-MJ60235
CLEANSTART-2026-MK39503
CLEANSTART-2026-ML42911
CLEANSTART-2026-MU17611
CLEANSTART-2026-MX70474
CLEANSTART-2026-ND18869
CLEANSTART-2026-NG75665
CLEANSTART-2026-NJ43712
CLEANSTART-2026-NP17404
CLEANSTART-2026-NP19113
CLEANSTART-2026-NS41924
CLEANSTART-2026-NT80635
CLEANSTART-2026-NV34418
CLEANSTART-2026-NV78596
CLEANSTART-2026-OA33370
CLEANSTART-2026-OL17158
CLEANSTART-2026-OL25917
CLEANSTART-2026-OL32822
CLEANSTART-2026-OL60454
CLEANSTART-2026-ON38469
CLEANSTART-2026-ON62368
CLEANSTART-2026-OO14630
CLEANSTART-2026-OT07577
CLEANSTART-2026-OX06978
CLEANSTART-2026-OX88144
CLEANSTART-2026-PC16040
CLEANSTART-2026-PF41398
CLEANSTART-2026-PG91940
CLEANSTART-2026-PK19530
CLEANSTART-2026-PM59896
CLEANSTART-2026-PN58989
CLEANSTART-2026-PV98664
CLEANSTART-2026-PW02676
CLEANSTART-2026-QB67682
CLEANSTART-2026-QC30410
CLEANSTART-2026-QF85840
CLEANSTART-2026-QK02462
CLEANSTART-2026-QO29688
CLEANSTART-2026-QU88766
CLEANSTART-2026-QZ16523
CLEANSTART-2026-RL45001
CLEANSTART-2026-RQ53330
CLEANSTART-2026-RU37859
CLEANSTART-2026-SB25660
CLEANSTART-2026-SM37781
CLEANSTART-2026-SW55801
CLEANSTART-2026-SY95837
CLEANSTART-2026-TA27786
CLEANSTART-2026-TF98824
CLEANSTART-2026-TH33219
CLEANSTART-2026-TK38210
CLEANSTART-2026-TM31143
CLEANSTART-2026-TS42581
CLEANSTART-2026-TT42218
CLEANSTART-2026-TX25294
CLEANSTART-2026-TY78539
CLEANSTART-2026-TZ10716
CLEANSTART-2026-UJ10620
CLEANSTART-2026-UO76615
CLEANSTART-2026-UR80185
CLEANSTART-2026-UU56048
CLEANSTART-2026-UY60586
CLEANSTART-2026-UY85485
CLEANSTART-2026-UZ79996
CLEANSTART-2026-VC16841
CLEANSTART-2026-VF66781
CLEANSTART-2026-VI85055
CLEANSTART-2026-VJ77782
CLEANSTART-2026-VP44686
CLEANSTART-2026-VS64679
CLEANSTART-2026-VU08393
CLEANSTART-2026-VV68546
CLEANSTART-2026-VY87942
CLEANSTART-2026-VZ85637
CLEANSTART-2026-WP10148
CLEANSTART-2026-WQ07901
CLEANSTART-2026-XR85161
CLEANSTART-2026-YC48827
CLEANSTART-2026-YL27116
CLEANSTART-2026-YQ79300
CLEANSTART-2026-YW12690
CLEANSTART-2026-ZG64300
CLEANSTART-2026-ZM84646
CVE-2025-58189
ECHO-6E83-4DCA-520D
GO-2025-4008
MGASA-2025-0256
OESA-2025-2648
OESA-2025-2649
OPENSUSE-SU-2025:15608-1
OPENSUSE-SU-2025:15609-1
OPENSUSE-SU-2025:15695-1
OPENSUSE-SU-2025:15723-1
OPENSUSE-SU-2025:20157-1
OPENSUSE-SU-2025:20158-1
OPENSUSE-SU-2026:20301-1
OPENSUSE-SU-2026:20308-1
RHSA-2026:7291
RHSA-2026:7385
SUSE-SU-2025:03547-1
SUSE-SU-2025:21192-1
SUSE-SU-2025:21193-1
SUSE-SU-2025:3682-1
SUSE-SU-2026:0296-1
SUSE-SU-2026:0297-1
SUSE-SU-2026:0298-1
SUSE-SU-2026:0308-1
SUSE-SU-2026:20623-1
SUSE-SU-2026:20629-1

Affected Products

Alt Linux
Debian
Red Os
Suse
Golang-1.15
Golang-1.19