CNNVD-202507-2481 Information

CNNVD ID

CNNVD-202507-2481

Related CVE

CVE-2025-7396

• CNNVD Published: 2025-07-18

Description (Chinese)

wolfSSL（CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL 5.8.2版本存在安全漏洞，该漏洞源于默认启用Curve25519盲化支持，可能增加侧信道攻击风险。

Description (English)

WolfSSL (CyaSSL) is a small, portable, embedded SSL programming library for embedded system developers in the United States of America. There is a security loophole in version 5.8.2 of WolfSSL, which stems from the default activation of the Curve 25519 blinding support, which may increase the risk of side-link attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

wolfSSL

Published

2025-07-18

Last Modified

2026-02-24

References

https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025 https://access.redhat.com/security/cve/cve-2025-7396