从这个网页截图中可以获取到以下关于漏洞的关键信息: 漏洞报告编号: GO-2025-4135 影响的包: golang.org/x/crypto 发布日期: Nov 19, 2025 漏洞描述: - SSH Agent Servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. - More detailed information about this vulnerability can be found at: https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA. 受影响的包: - Path: golang.org/x/crypto/ssh/agent - Go versions: all versions, no known fixed - Custom versions: before 0.45.0 - Symbols: ForwardToAgent, ServeAgent 别名: CVE-2025-47914 参考链接: - https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA - https://go.dev/cl/721960 - https://go.dev/issue/76364 - https://vuln.go.dev/ID/GO-2025-4135.json 贡献者: Jakub Ciolek