CNNVD-202508-560 Information
CNNVD ID
CNNVD-202508-560
Related CVE
- CNNVD Published: 2025-08-06
Description (Chinese)
CIRCL是Cloudflare开源的一个用 Go 编写的加密原语集合。 CIRCL存在数据伪造问题漏洞,该漏洞源于低阶点注入和点验证不当,可能破坏会话安全。
Description (English)
The CIRCL is a collection of encrypted originals written by Go from Cloudflare Open Source. CIRCL has a data-falsification loophole, which stems from poor injection and point-checking of low-level points and could undermine the security of sessions.
Hazard Level
Critical
Vulnerability Type
数据伪造问题
Affected Vendor
Cloudflare
Published
2025-08-06
Last Modified
2026-02-24
References
https://github.com/cloudflare/circl https://bugzilla.redhat.com/show_bug.cgi?id=2371624 https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm https://access.redhat.com/security/cve/CVE-2025-8556 https://github.com/cloudflare/circl/tree/v1.6.1 https://vigilance.fr/vulnerability/CIRCL-information-disclosure-via-FourQ-Elliptic-Curve-48793
Patch
https://github.com/cloudflare/circl/releases
Share on: