CVE-2025-65637: A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Overview
- Severity
- Medium (CVSS 5.9)
- CVSS Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- Exploit Status
- Not Exploited
- Patch Tuesday
- 2025-Dec
- Released
- 2025-12-07
- Last Updated
- 2026-02-26
- EPSS Score
- 0.04% (percentile: 12.4%)
Detection & Weaponization (1 sources)
Maturity: Exploit
- GitHub PoC: 1 repositories
Affected Products (34)
Other
- 20770-17086
- 20769-17086
- 20828-17084
- 20824-17084
- 20876-17084
- 19348-17084
- 20709-17084
- 20710-17084
- 20711-17084
- 20079-17084
- 20712-17084
- 20713-17084
- 17793-17084
- 20381-17086
- 20714-17086
- 20715-17086
- 20699-17086
- 20700-17086
- 20716-17086
- 20717-17086
- 20520-17086
- 20537-17086
- 20393-17086
- 20394-17086
- 20718-17086
- 20364-17086
- 20703-17086
- 19792-17086
- 20719-17086
- 20720-17086
- 20721-17086
- 20372-17086
- 20794-17084
Open Source Software
- azl3 kata-containers-cc 3.15.0.aks0-5 on Azure Linux 3.0
Revision History
- 2025-12-07: Information published.
- 2025-12-08: Information published.
- 2025-12-09: Information published.
- 2025-12-17: Information published.
- 2025-12-20: Information published.
- 2025-12-23: Information published.
- 2025-12-30: Information published.
- 2025-12-30: Information published.
- 2026-01-03: Information published.
- 2026-01-08: Information published.
- 2026-01-20: Information published.
- 2026-02-21: Information published.
- 2026-02-26: Information published.