[GH-ISSUE #296] CVE-2025-61729 (stdlib) #49

New issue

Closed

opened 2026-02-26 18:33:04 +03:00 by kerem · 2 comments

kerem commented

2026-02-26 18:33:04 +03:00

Owner

Originally created by @eric-as on GitHub (Jan 6, 2026).
Original GitHub issue: https://github.com/decke/smtprelay/issues/296

Hello Bernhard,

Once again I want to thank you for providing this software and your support.

I want to to point out a CVE with score HIGH in smtprelay and would be pleased if you could provide new release with this issue fixed.

trivy image --scanners vuln --ignore-unfixed --severity HIGH,CRITICAL --table-mode detailed --quiet --exit-code 2 [repo/image:tag]
usr/local/bin/smtprelay (gobinary)

Total: 1 (HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬─────────────────┬───────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │  Fixed Version  │                           Title                           │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼─────────────────┼───────────────────────────────────────────────────────────┤
│ stdlib  │ CVE-2025-61729 │ HIGH     │ fixed  │ v1.25.4           │ 1.24.11, 1.25.5 │ crypto/x509: Excessive resource consumption when printing │
│         │                │          │        │                   │                 │ error string for host certificate validation...           │
│         │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-61729                │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────┴───────────────────────────────────────────────────────────┘

Thank you in advance.

Originally created by @eric-as on GitHub (Jan 6, 2026). Original GitHub issue: https://github.com/decke/smtprelay/issues/296 Hello Bernhard, Once again I want to thank you for providing this software and your support. I want to to point out a CVE with score HIGH in `smtprelay` and would be pleased if you could provide new release with this issue fixed. ``` trivy image --scanners vuln --ignore-unfixed --severity HIGH,CRITICAL --table-mode detailed --quiet --exit-code 2 [repo/image:tag] usr/local/bin/smtprelay (gobinary) Total: 1 (HIGH: 1, CRITICAL: 0) ┌─────────┬────────────────┬──────────┬────────┬───────────────────┬─────────────────┬───────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼────────────────┼──────────┼────────┼───────────────────┼─────────────────┼───────────────────────────────────────────────────────────┤ │ stdlib │ CVE-2025-61729 │ HIGH │ fixed │ v1.25.4 │ 1.24.11, 1.25.5 │ crypto/x509: Excessive resource consumption when printing │ │ │ │ │ │ │ │ error string for host certificate validation... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2025-61729 │ └─────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────┴───────────────────────────────────────────────────────────┘ ``` Thank you in advance.