216.73.216.133

CVE-2025-1386

· Published 11/04/2025 05:15 · Modified 11/04/2025 16:15

Labels: CVE-2025-1386 2025-04-11CVE-2025-1386CWE-444cb7ba516-3b07-4c98-b0c2-715220f1a8f6

Essential information

Published
11/04/2025 05:15
Modified
11/04/2025 16:15
Author
Creator
CVSS
5.9 MEDIUM (v3) 5.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
cb7ba516-3b07-4c98-b0c2-715220f1a8f6
NVD
View on NVD

Affected products (CPE)

ProductCPE
ch-go / ch-go cpe:2.3:a:ch-go:ch-go:*:*:*:*:*:*:*:*

References