CNNVD-202507-1395 Information

CNNVD ID

CNNVD-202507-1395

Related CVE

CVE-2025-52473

• CNNVD Published: 2025-07-10

Description (Chinese)

liboqs是Open Quantum Safe开源的一个用于量子安全加密算法的开源 C 库。 liboqs 0.14.0之前版本存在信息泄露漏洞，该漏洞源于HQC密钥封装机制存在秘密依赖分支。

Description (English)

liboqs is an Open Quantum Safe open source C library for quantum security encryption algorithms. There was a leak of information in the pre-liboqs 0.14.0 version, which stemmed from the secret dependent branch of the HQC key containment mechanism.

Hazard Level

High

Vulnerability Type

信息泄露

Affected Vendor

Open Quantum Safe

Published

2025-07-10

Last Modified

2026-02-24

References

https://github.com/open-quantum-safe/liboqs/commit/4215362acbf69b88fe1777c4c052f154e29f9897 https://github.com/open-quantum-safe/liboqs/security/advisories/GHSA-qq3m-rq9v-jfgm https://access.redhat.com/security/cve/cve-2025-52473 https://nvd.nist.gov/vuln/detail/CVE-2025-52473

Patch

https://github.com/open-quantum-safe/liboqs/releases