CVE-2025-61730

MEDIUM5.3EPSS 0.01%

Handshake messages may be processed at the incorrect encryption level in crypto/tls

Published: 1/28/2026Modified: 5/15/2026

Description

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.

Affected packages (6)

Bitnami/golangfrom 0, < 1.24.12, >= 1.25.0, < 1.25.6
Debian/golang-1.15from 0
Debian/golang-1.19from 0
Debian/golang-1.24from 0
Debian/golang-1.25from 0, < 1.25.6-1
Go/stdlibfrom 0, < 1.24.12, >= 1.25.0, < 1.25.6

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References (6)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2025-61730
PATCHhttps://go.dev/cl/724120
REPORThttps://go.dev/issue/76443
WEBhttps://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2025-61730
WEBhttps://pkg.go.dev/vuln/GO-2026-4340