ByteOS Network

NVD Vulnerability Details :

CVE-2025-22865

Deferred

Source-security@golang.org

Published At-28 Jan, 2025 | 02:15

Updated At-15 Apr, 2026 | 00:35

Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Hyperlink	Source	Resource
https://go.dev/cl/643098	security@golang.org	N/A
https://go.dev/issue/71216	security@golang.org	N/A
https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ	security@golang.org	N/A
https://pkg.go.dev/vuln/GO-2025-3421	security@golang.org	N/A