CNNVD-202511-2554 Information

CNNVD ID

CNNVD-202511-2554

Related CVE

CVE-2025-12889

• CNNVD Published: 2025-11-22

Description (Chinese)

wolfSSL（CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL存在安全漏洞，该漏洞源于使用 TLS 1.2 连接时，客户端可以使用任何较弱的摘要算法。

Description (English)

WolfSSL (CyaSSL) is a small, portable, embedded SSL programming library for embedded system developers in the United States of America. There is a security loophole in the WolfSSL, which results from any weaker summary algorithm that the client can use when using TLS 1.2 connections.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

wolfSSL

Published

2025-11-22

Last Modified

2026-02-24

References

https://github.com/wolfSSL/wolfssl/pull/9395 https://access.redhat.com/security/cve/cve-2025-12889 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12889

Patch

https://www.wolfssl.com/download/