Vulnerability Report: GO-2025-4007
- CVE-2025-58187
- Affects: crypto/x509
- Published: Oct 29, 2025
Due to the design of the name constraint checking algorithm, the processing time of some inputs scales non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
Affected Packages
Versions: before go1.24.9, from go1.25.0 before go1.25.3
31 affected symbols:
- CertPool.AppendCertsFromPEM
- Certificate.CheckCRLSignature
- Certificate.CheckSignature
- Certificate.CheckSignatureFrom
- Certificate.CreateCRL
- Certificate.Verify
- CertificateRequest.CheckSignature
- CreateCertificate
- CreateCertificateRequest
- CreateRevocationList
- DecryptPEMBlock
- EncryptPEMBlock
- MarshalECPrivateKey
- MarshalPKCS1PrivateKey
- MarshalPKCS1PublicKey
- MarshalPKCS8PrivateKey
- MarshalPKIXPublicKey
- ParseCRL
- ParseCertificate
- ParseCertificateRequest
- ParseCertificates
- ParseDERCRL
- ParseECPrivateKey
- ParsePKCS1PrivateKey
- ParsePKCS1PublicKey
- ParsePKCS8PrivateKey
- ParsePKIXPublicKey
- ParseRevocationList
- RevocationList.CheckSignatureFrom
- SetFallbackRoots
- SystemCertPool
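A check for whether a given Go toolchain version falls inside the affected ranges listed above. This is an added example, not code from this report or from the Go project; the names `parseRelease`, `less` and `Affected` are hypothetical, and pre-release or development version strings are rejected rather than classified.

```go
package main

import (
	"fmt"
	"runtime"
	"strconv"
	"strings"
)

// parseRelease turns "go1.24.8" into [3]int{1, 24, 8}. Development and
// pre-release strings ("devel ...", "go1.25rc1") return an error.
func parseRelease(v string) (out [3]int, err error) {
	v, _, _ = strings.Cut(v, " ") // drop build suffixes such as " X:boringcrypto"
	parts := strings.Split(strings.TrimPrefix(v, "go"), ".")
	if !strings.HasPrefix(v, "go") || len(parts) < 2 || len(parts) > 3 {
		return out, fmt.Errorf("not a Go release version: %q", v)
	}
	for i, p := range parts {
		if out[i], err = strconv.Atoi(p); err != nil {
			return out, fmt.Errorf("not a Go release version: %q", v)
		}
	}
	return out, nil
}

// less reports whether release a sorts before release b.
func less(a, b [3]int) bool {
	for i := range a {
		if a[i] != b[i] {
			return a[i] < b[i]
		}
	}
	return false
}

// Affected applies the report's ranges: before go1.24.9, or from go1.25.0 before go1.25.3.
func Affected(v string) (bool, error) {
	r, err := parseRelease(v)
	if err != nil {
		return false, err
	}
	old := less(r, [3]int{1, 24, 9})
	in125 := !less(r, [3]int{1, 25, 0}) && less(r, [3]int{1, 25, 3})
	return old || in125, nil
}

func main() {
	fmt.Println(Affected(runtime.Version())) // checks the toolchain this binary was built with
}
```

`runtime.Version()` reflects the toolchain that built the running binary, which is the version that matters for the standard library's crypto/x509.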
References
- https://go.dev/issue/75681
- https://go.dev/cl/709854
- https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI
- https://vuln.go.dev/ID/GO-2025-4007.json
Credits
- Jakub Ciolek