CVE-2025-58189

ADVISORY - nist

Summary

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.

EPSS Score⁠: 0.00014 (0.022)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-532⁠

Insertion of Sensitive Information into Log File

ADVISORY - redhat

CWE-117⁠

Improper Output Neutralization for Logs

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.