CVE-2025-61730

Gravedad:

Pendiente de análisis

Tipo:

No Disponible / Otro tipo

Fecha de publicación:

28/01/2026

Última modificación:

28/01/2026

Descripción

*** Pendiente de traducción *** During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.

Impacto

Referencias a soluciones, herramientas e información

https://go.dev/cl/724120
https://go.dev/issue/76443
https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc
https://pkg.go.dev/vuln/GO-2026-4340