CNNVD-202511-2708 Information

CNNVD ID

CNNVD-202511-2708

Related CVE

CVE-2025-66017

• CNNVD Published: 2025-11-25

Description (Chinese)

cggmp21是Lockness开源的一个Rust库。 cggmp21 0.6.3及之前版本和0.7.0-alpha.1版本存在安全漏洞，该漏洞源于预签名使用方式不当，可能导致安全性降低。

Description (English)

cggmp21 is a Rust bank from Lockness. cggmp21 0.6.3 and previous versions and version 0.7.0-alpha.1 contain a security loophole, which stems from the improper use of pre-signed signatures and may lead to a decrease in security.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Lockness

Published

2025-11-25

Last Modified

2026-02-24

References

https://github.com/LFDT-Lockness/cggmp21/security/advisories/GHSA-8frv-q972-9rq5 https://www.dfns.co/article/cggmp21-vulnerabilities-patched-and-explained https://access.redhat.com/security/cve/cve-2025-66017

Patch

https://github.com/LFDT-Lockness/cggmp21/tags