{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T08:43:27.899","vulnerabilities":[{"cve":{"id":"CVE-2025-61730","sourceIdentifier":"security@golang.org","published":"2026-01-28T20:16:09.940","lastModified":"2026-02-03T20:36:41.300","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake."},{"lang":"es","value":"Durante el handshake de TLS 1.3, si se envían múltiples mensajes en registros que cruzan los límites del nivel de cifrado (por ejemplo, los mensajes Client Hello y Encrypted Extensions), los mensajes subsiguientes pueden ser procesados antes de que cambie el nivel de cifrado. Esto puede causar una revelación de información menor si un atacante local de red puede inyectar mensajes durante el handshake."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.24.12","matchCriteriaId":"21FD9368-8AB3-404B-8599-BBF64EFE3C7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.25.0","versionEndExcluding":"1.25.6","matchCriteriaId":"A547E844-78D2-4B17-B7A9-73E7B503D2CE"}]}]}],"references":[{"url":"https://go.dev/cl/724120","source":"security@golang.org","tags":["Patch"]},{"url":"https://go.dev/issue/76443","source":"security@golang.org","tags":["Patch"]},{"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","source":"security@golang.org","tags":["Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4340","source":"security@golang.org","tags":["Vendor Advisory"]}]}}]}