Lucene search
+L

5 matches found

susecve
susecve
added 2025/03/14 2:57 a.m.5 views

SUSE CVE-2025-25199

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

7.5CVSS6.8AI score0.0139EPSS
Exploits0References2
veracode
veracode
added 2025/02/17 10:21 a.m.9 views

Memory Leakage

go-crypto-winnative is vulnerable to a Memory Leakage. The vulnerability is due to improper resource management due to failure to release the key handle in cng.TLS1PRF, causing a small memory leak on each call...

7.5CVSS7AI score0.0139EPSS
Exploits0References3Affected Software1
github
github
added 2025/02/12 7:20 p.m.24 views

go-crypto-winnative BCryptGenerateSymmetricKey memory leak

Calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time...

7.5CVSS6.7AI score0.0139EPSS
Exploits0References4Affected Software1
osv
osv
added 2025/02/12 6:15 p.m.10 views

AZL-79122 CVE-2025-25199 affecting package golang 1.25.7-1

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

7.5CVSS7.3AI score0.0139EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/02/12 5:49 p.m.14 views

CVE-2025-25199 BCryptGenerateSymmetricKey memory leak

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

7.5CVSS7.4AI score0.0139EPSS
Exploits0References2
Rows per page
Query Builder