FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-12-08 21:19:55 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
245bd19f-d035-11f0-84e9-c7a56e37e3f0	go -- excessive resource consumption The Go project reports: Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption. Discovery 2025-12-02 Entry 2025-12-03 go124 < 1.24.11 go125 < 1.25.5 CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155

VuXML ID

Description

245bd19f-d035-11f0-84e9-c7a56e37e3f0

go -- excessive resource consumption

The Go project reports:

Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out.

Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.

Discovery 2025-12-02
Entry 2025-12-03
go124

< 1.24.11

go125

< 1.25.5

CVE-2025-61729
https://pkg.go.dev/vuln/GO-2025-4155