Skip to content

Security [High] CVE-2025-58187 #503

New issue
New issue
Open
Open
Security [High] CVE-2025-58187#503
Labels
bugSomething isn't working
@gduncklee

Description

@gduncklee
gduncklee
opened on Nov 4, 2025

Vulnerability Details

ID: https://www.cve.org/CVERecord?id=CVE-2025-58187
Severity: High
Type: go-module
Description: Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
Fix State: fixed
Fix Versions: 1.25.2, 1.24.8
More Info: https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions