CNNVD-202506-2843 Information

CNNVD ID

CNNVD-202506-2843

Related CVE

CVE-2025-52556

• CNNVD Published: 2025-06-21

Description (Chinese)

rfc3161-client是Trail of Bits开源的一个软件。 rfc3161-client 1.0.3之前版本存在数据伪造问题漏洞，该漏洞源于时间戳响应签名验证逻辑缺陷，可能导致签名验证不足。

Description (English)

rfc3161-client is an open source of Trail of Bits. Before version refc3161-client 1.0.3, there was a loophole in the problem of data forgery, which arose out of a logical flaw in time stamp response to signature authentication, which could lead to insufficient signature authentication.

Hazard Level

Low

Vulnerability Type

数据伪造问题

Affected Vendor

Trail of Bits

Published

2025-06-21

Last Modified

2026-02-24

References

https://github.com/trailofbits/rfc3161-client/commit/724a184f953e3f171f85cb223871172b41b0d0dc https://github.com/trailofbits/rfc3161-client/security/advisories/GHSA-6qhv-4h7r-2g9m

Patch

https://github.com/trailofbits/rfc3161-client/releases