CVE-2025-58188

Published Oct 29, 2025

Last updated 3 months ago

CVSS high 7.5
Mysql

Overview

Description
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
Source
security@golang.org
NVD status
Analyzed
Products
go

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
CWE-295

Social media

Hype score
Not currently trending

  1. ⚠️ Vulnerabilidades en productos VMware ❗ CVE-2025-61725 ❗ CVE-2025-58188 ❗ CVE-2025-58187 ➡️ Más info: https://t.co/f2QzldWdbF https://t.co/vkGw6I6sgQ

    @CERTpy

    15 Jan 2026

    98 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  2. [URGENT] Fedora 38 #Security Update: complyctl patched for high-severity flaw CVE-2025-58188. Container compliance bypass risk. 🔐 Read more: 👉 https://t.co/cx3fFNccY8 #Security https://t.co/4fFezrnG2J

    @Cezar_H_Linux

    14 Jan 2026

    28 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  3. Fedora releases critical Gobuster update fixing CVE-2025-58188, a DoS vulnerability, by unretiring the package and upgrading to version 3.8.2. Users should update promptly. #infosec https://t.co/51qMtLi1Zr

    @threatcluster

    22 Dec 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🔐 CRITICAL UPDATE: #Fedora patches #GoBuster to address CVE-2025-58188 (v3.8.2). This directory/DNS busting tool is vital for pentesters. A flaw in it could compromise security audits. Read more: 👉 https://t.co/HNf24Us2e2 #Security https://t.co/obwsGfitiE

    @Cezar_H_Linux

    22 Dec 2025

    36 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  5. URGENT: #Fedora docker-buildkit security patches available for CVE-2025-58183, CVE-2025-58185, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723 Read more: 👉 https://t.co/1s46wqrgPS #Security https://t.co/WcSSlZybiB

    @Cezar_H_Linux

    27 Nov 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-58188 Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This af… https://t.co/FeAzRgdOBE

    @CVEnew

    29 Oct 2025

    236 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).CVE-2026-35235
  2. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.CVE-2026-32281
  3. The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.CVE-2026-27144
  4. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.CVE-2026-32280
  5. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.CVE-2026-27143

References

Sources include official advisories and independent security research.