{"id":"CVE-2025-61724","details":"The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption.","aliases":["BIT-golang-2025-61724","GO-2025-4015"],"modified":"2026-03-23T05:05:49.191139516Z","published":"2025-10-29T23:16:20.020Z","related":["CGA-fcg8-8q5v-f9hp","MGASA-2025-0256","SUSE-SU-2025:03547-1","SUSE-SU-2025:21192-1","SUSE-SU-2025:21193-1","SUSE-SU-2025:3682-1","SUSE-SU-2026:0296-1","SUSE-SU-2026:0297-1","SUSE-SU-2026:0298-1","SUSE-SU-2026:0308-1","SUSE-SU-2026:20623-1","SUSE-SU-2026:20629-1","openSUSE-SU-2025:15608-1","openSUSE-SU-2025:15609-1","openSUSE-SU-2025:15695-1","openSUSE-SU-2025:20157-1","openSUSE-SU-2025:20158-1","openSUSE-SU-2026:20301-1","openSUSE-SU-2026:20308-1"],"references":[{"type":"ADVISORY","url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4015"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2025/10/08/1"},{"type":"REPORT","url":"https://go.dev/issue/75716"},{"type":"FIX","url":"https://go.dev/cl/709859"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/golang/go","events":[{"introduced":"0"},{"fixed":"3a666bca00d7fb30d55e252131ea2cf2006dc3a3"},{"introduced":"6e676ab2b809d46623acb5988248d95d1eb7939c"},{"fixed":"bed6c81c2dceeb19c7f9e46fc173671abcda7cfd"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.24.8"},{"introduced":"1.25.0"},{"fixed":"1.25.2"}]}}],"versions":["go1.25.0","go1.25.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-61724.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}