NVD - CVE-2025-22874 (original) (raw)
CVE Modified by CISA-ADP 6/11/2025 2:15:25 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
New CVE Received from Go Project 6/11/2025 1:15:42 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. | |
| Added | Reference | https://go.dev/cl/670375 | |
| Added | Reference | https://go.dev/issue/73612 | |
| Added | Reference | https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A | |
| Added | Reference | https://pkg.go.dev/vuln/GO-2025-3749 |