CVE-2025-61723

Summary

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.

Affected Software

VendorProductVersion RangeStatus
Go standard libraryencoding/pem0 < 1.24.8affected
Go standard libraryencoding/pem1.25.0 < 1.25.2affected

Weaknesses

  • CWE-407: Inefficient Algorithmic Complexity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References