CVE-2025-61730

EUVD-2025-206448
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
golanggo
𝑥
< 1.24.12
golanggo
1.25.0 ≤
𝑥
< 1.25.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
golang-1.15
bullseye
postponed
golang-1.19
bookworm
no-dsa
golang-1.24
trixie
no-dsa
golang-1.25
forky
1.25.11-1
fixed
sid
1.25.11-1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
amazon-cloudwatch-agent
Amazon Linux 2
0:1.300064.1-1.amzn2
fixed
Amazon Linux 2023
0:1.300064.1-1.amzn2023
fixed
amazon-ecr-credential-helper
Amazon Linux 2023
0:0.11.0-3.amzn2023
fixed
captree
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
captree-debuginfo
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
cni-plugins
Amazon Linux 2
0:1.7.1-1.amzn2.0.5
fixed
Amazon Linux 2023
0:1.7.1-1.amzn2023.0.5
fixed
cni-plugins-debuginfo
Amazon Linux 2
0:1.7.1-1.amzn2.0.5
fixed
Amazon Linux 2023
0:1.7.1-1.amzn2023.0.5
fixed
cni-plugins-debugsource
Amazon Linux 2023
0:1.7.1-1.amzn2023.0.5
fixed
compat-golang-github-cpuguy83-md2man-2-devel
Amazon Linux 2023
0:2.0.2-24.amzn2023.0.7
fixed
containerd
Amazon Linux 2023
0:2.1.5-1.amzn2023.0.5
fixed
containerd-debuginfo
Amazon Linux 2023
0:2.1.5-1.amzn2023.0.5
fixed
containerd-debugsource
Amazon Linux 2023
0:2.1.5-1.amzn2023.0.5
fixed
containerd-stress
Amazon Linux 2023
0:2.1.5-1.amzn2023.0.5
fixed
containerd-stress-debuginfo
Amazon Linux 2023
0:2.1.5-1.amzn2023.0.5
fixed
credentials-fetcher
Amazon Linux 2023
0:2.0.1-1.amzn2023.0.5
fixed
cri-tools
Amazon Linux 2
0:1.32.0-1.amzn2.0.4
fixed
cri-tools-debuginfo
Amazon Linux 2
0:1.32.0-1.amzn2.0.4
fixed
docker
Amazon Linux 2023
0:25.0.14-1.amzn2023.0.2
fixed
docker-debuginfo
Amazon Linux 2023
0:25.0.14-1.amzn2023.0.2
fixed
docker-debugsource
Amazon Linux 2023
0:25.0.14-1.amzn2023.0.2
fixed
ecs-init
Amazon Linux 2023
0:1.101.3-1.amzn2023
fixed
golang
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golang-bin
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golang-docs
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golang-github-burntsushi-toml
Amazon Linux 2023
0:1.5.0-1.amzn2023.0.1
fixed
golang-github-burntsushi-toml-debuginfo
Amazon Linux 2023
0:1.5.0-1.amzn2023.0.1
fixed
golang-github-burntsushi-toml-debugsource
Amazon Linux 2023
0:1.5.0-1.amzn2023.0.1
fixed
golang-github-burntsushi-toml-devel
Amazon Linux 2023
0:1.5.0-1.amzn2023.0.1
fixed
golang-github-burntsushi-toml-test
Amazon Linux 2023
0:0.2.0-8.amzn2023.0.3
fixed
golang-github-burntsushi-toml-test-debuginfo
Amazon Linux 2023
0:0.2.0-8.amzn2023.0.3
fixed
golang-github-burntsushi-toml-test-debugsource
Amazon Linux 2023
0:0.2.0-8.amzn2023.0.3
fixed
golang-github-burntsushi-toml-test-devel
Amazon Linux 2023
0:0.2.0-8.amzn2023.0.3
fixed
golang-github-cpuguy83-go-md2man
Amazon Linux 2
0:1.0.4-4.amzn2.0.4
fixed
golang-github-cpuguy83-md2man
Amazon Linux 2023
0:2.0.2-24.amzn2023.0.7
fixed
golang-github-cpuguy83-md2man-debuginfo
Amazon Linux 2023
0:2.0.2-24.amzn2023.0.7
fixed
golang-github-cpuguy83-md2man-debugsource
Amazon Linux 2023
0:2.0.2-24.amzn2023.0.7
fixed
golang-github-cpuguy83-md2man-devel
Amazon Linux 2023
0:2.0.2-24.amzn2023.0.7
fixed
golang-misc
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golang-shared
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golang-src
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golang-tests
Amazon Linux 2
0:1.24.12-1.amzn2.0.1
fixed
Amazon Linux 2023
0:1.24.12-1.amzn2023.0.1
fixed
golist
Amazon Linux 2
0:0.10.1-10.amzn2.0.10
fixed
Amazon Linux 2023
0:0.10.1-11.amzn2023.0.6
fixed
golist-debuginfo
Amazon Linux 2
0:0.10.1-10.amzn2.0.10
fixed
Amazon Linux 2023
0:0.10.1-11.amzn2023.0.6
fixed
golist-debugsource
Amazon Linux 2023
0:0.10.1-11.amzn2023.0.6
fixed
libcap
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
libcap-debuginfo
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
libcap-debugsource
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
libcap-devel
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
libcap-static
Amazon Linux 2023
0:2.73-1.amzn2023.0.6
fixed
nerdctl
Amazon Linux 2
0:2.2.1-1.amzn2.0.2
fixed
Amazon Linux 2023
0:2.2.1-1.amzn2023.0.2
fixed
nerdctl-debuginfo
Amazon Linux 2
0:2.2.1-1.amzn2.0.2
fixed
oci-add-hooks
Amazon Linux 2023
0:0-0.1.20200504git268e3bb.amzn2023.0.8
fixed
oci-add-hooks-debuginfo
Amazon Linux 2023
0:0-0.1.20200504git268e3bb.amzn2023.0.8
fixed
oci-add-hooks-debugsource
Amazon Linux 2023
0:0-0.1.20200504git268e3bb.amzn2023.0.8
fixed
rclone
Amazon Linux 2023
0:1.73.4-74.amzn2023
fixed
rclone-debuginfo
Amazon Linux 2023
0:1.73.4-74.amzn2023
fixed
rclone-debugsource
Amazon Linux 2023
0:1.73.4-74.amzn2023
fixed
runc
Amazon Linux 2023
0:1.3.4-1.amzn2023.0.2
fixed
runc-debuginfo
Amazon Linux 2023
0:1.3.4-1.amzn2023.0.2
fixed
runc-debugsource
Amazon Linux 2023
0:1.3.4-1.amzn2023.0.2
fixed
runfinch-finch
Amazon Linux 2023
0:1.14.1-1.amzn2023.0.1
fixed
soci-snapshotter
Amazon Linux 2023
0:0.12.0-1.amzn2023.0.3
fixed
yq
Amazon Linux 2023
0:4.47.1-12.amzn2023
fixed
yq-debuginfo
Amazon Linux 2023
0:4.47.1-12.amzn2023
fixed
yq-debugsource
Amazon Linux 2023
0:4.47.1-12.amzn2023
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
golang
Azure Linux 3.0
0:0.0.0.azl3
fixed
msft-golang
CBL-Mariner 2.0
0:1.24.12-1.cm2
fixed