The vulnerability lies in the crypto/x509 VerifyHostname function, which previously parsed the candidate hostname repeatedly for each DNS Subject Alternative Name (SAN) entry. This inefficiency resulted in a quadratic cost based on the number of SANs and the hostname's label count, allowing an attacker to force extremely high CPU consumption during certificate verification and thereby interrupt service availability. The attack does not compromise confidentiality or integrity; the primary threat is resource exhaustion that can lead to denial of service for applications that perform certificate validation even on untrusted certificates.

The flaw affects the Go standard library component crypto/x509 in all Go releases that contain the unpatched VerifyHostname routine. Specific affected Go versions are not listed in the advisory, but the problem was identified in issue 79694 and addressed in subsequent Go releases; clients using the affected libraries should update to the latest Go distribution to avoid the issue.

Because the EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, the exact likelihood of exploitation remains uncertain, yet the attack vector is straightforward: an adversary can present a certificate with an excessively large SAN list during TLS handshake or any other certificate validation routine, forcing the application to perform expensive hostname parsing and potentially cause a denial of service. The risk is primarily availability due to CPU exhaustion, with no known impact on confidentiality or integrity. The lack of a public exploit hint suggests that active exploitation may not yet be widespread, but the fundamental denial‑of‑service potential warrants timely mitigation.