{"id":"GO-2025-3987","summary":"Vulnerable to Improper Validation of Syntactic Correctness of Input in github.com/nyaruka/phonenumbers","details":"Vulnerable to Improper Validation of Syntactic Correctness of Input in github.com/nyaruka/phonenumbers","aliases":["CVE-2025-10954","GHSA-fmjh-f678-cv3x"],"modified":"2026-02-04T03:46:59.754495Z","published":"2025-11-05T18:41:07Z","related":["CGA-4wc2-wjqc-6ccm"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2025-3987"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-fmjh-f678-cv3x"},{"type":"FIX","url":"https://github.com/nyaruka/phonenumbers/commit/0479e35488e8a002a261cdb515ef8a7f80ca37fe"},{"type":"REPORT","url":"https://github.com/nyaruka/phonenumbers/issues/148"},{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMNYARUKAPHONENUMBERS-6084070"}],"affected":[{"package":{"name":"github.com/nyaruka/phonenumbers","ecosystem":"Go","purl":"pkg:golang/github.com/nyaruka/phonenumbers"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.2.2"}]}],"ecosystem_specific":{"imports":[{"symbols":["ContainsOnlyValidXChars","FormatInOriginalFormat","GetExampleNumber","GetExampleNumberForNonGeoEntity","GetExampleNumberForType","IsNumberMatch","IsNumberMatchWithOneNumber","Leniency.Verify","Parse","ParseAndKeepRawInput","ParseAndKeepRawInputToNumber","ParseToNumber","buildNationalNumberForParsing","parseHelper"],"path":"github.com/nyaruka/phonenumbers"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3987.json"}}],"schema_version":"1.7.3"}