Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-8556— Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results

CVSS 3.7 · Low EPSS 0.03% · P9
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-8556

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1287
Source: NVD (National Vulnerability Database)
Vulnerability Title
CIRCL 数据伪造问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CIRCL是Cloudflare开源的一个用 Go 编写的加密原语集合。 CIRCL存在数据伪造问题漏洞,该漏洞源于低阶点注入和点验证不当,可能破坏会话安全。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Red HatBuilds for Red Hat OpenShift-cpe:/a:redhat:openshift_builds:1
Red HatBuilds for Red Hat OpenShift-cpe:/a:redhat:openshift_builds:1
Red HatBuilds for Red Hat OpenShift-cpe:/a:redhat:openshift_builds:1
Red HatBuilds for Red Hat OpenShift-cpe:/a:redhat:openshift_builds:1
Red HatBuilds for Red Hat OpenShift-cpe:/a:redhat:openshift_builds:1
Red HatBuilds for Red Hat OpenShift-cpe:/a:redhat:openshift_builds:1
Red HatCustom Metric Autoscaler operator for Red Hat Openshift-cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Red HatCustom Metric Autoscaler operator for Red Hat Openshift-cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Red HatCustom Metric Autoscaler operator for Red Hat Openshift-cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Red HatCustom Metric Autoscaler operator for Red Hat Openshift-cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Red HatCustom Metric Autoscaler operator for Red Hat Openshift-cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Red HatMulticluster Global Hub-cpe:/a:redhat:multicluster_globalhub
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Serverless-cpe:/a:redhat:serverless:1
Red HatOpenShift Serverless-cpe:/a:redhat:serverless:1
Red HatOpenShift Serverless-cpe:/a:redhat:serverless:1
Red HatOpenShift Serverless-cpe:/a:redhat:serverless:1
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatOpenShift Service Mesh 3-cpe:/a:redhat:service_mesh:3
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Ceph Storage 5-cpe:/a:redhat:ceph_storage:5
Red HatRed Hat Ceph Storage 5-cpe:/a:redhat:ceph_storage:5
Red HatRed Hat Ceph Storage 6-cpe:/a:redhat:ceph_storage:6
Red HatRed Hat Ceph Storage 6-cpe:/a:redhat:ceph_storage:6
Red HatRed Hat Ceph Storage 8-cpe:/a:redhat:ceph_storage:8
Red HatRed Hat Ceph Storage 8-cpe:/a:redhat:ceph_storage:8
Red HatRed Hat Developer Hub-cpe:/a:redhat:rhdh:1
Red HatRed Hat Developer Hub-cpe:/a:redhat:rhdh:1
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Edge Manager preview-cpe:/a:redhat:edge_manager:0
Red HatRed Hat Enterprise Linux 10-cpe:/o:redhat:enterprise_linux:10
Red HatRed Hat Enterprise Linux 9-cpe:/o:redhat:enterprise_linux:9
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat Enterprise Linux AI (RHEL AI)-cpe:/a:redhat:enterprise_linux_ai:1
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Dev Workspaces Operator-cpe:/a:redhat:devworkspace
Red HatRed Hat OpenShift Dev Workspaces Operator-cpe:/a:redhat:devworkspace
Red HatRed Hat OpenShift Dev Workspaces Operator-cpe:/a:redhat:devworkspace
Red HatRed Hat OpenShift for Windows Containers-cpe:/a:redhat:windows_machine_config
Red HatRed Hat OpenShift for Windows Containers-cpe:/a:redhat:windows_machine_config
Red HatRed Hat OpenShift GitOps-cpe:/a:redhat:openshift_gitops:1
Red HatRed Hat OpenShift GitOps-cpe:/a:redhat:openshift_gitops:1
Red HatRed Hat OpenShift GitOps-cpe:/a:redhat:openshift_gitops:1
Red HatRed Hat OpenShift GitOps-cpe:/a:redhat:openshift_gitops:1
Red HatRed Hat OpenShift Virtualization 4-cpe:/a:redhat:container_native_virtualization:4
Red HatRed Hat OpenStack Platform 16.2-cpe:/a:redhat:openstack:16.2
Red HatRed Hat OpenStack Platform 16.2-cpe:/a:redhat:openstack:16.2
Red HatRed Hat OpenStack Platform 16.2-cpe:/a:redhat:openstack:16.2
Red HatRed Hat OpenStack Platform 17.1-cpe:/a:redhat:openstack:17.1
Red HatRed Hat OpenStack Platform 17.1-cpe:/a:redhat:openstack:17.1
Red HatRed Hat OpenStack Platform 17.1-cpe:/a:redhat:openstack:17.1
Red HatRed Hat Trusted Application Pipeline-cpe:/a:redhat:trusted_application_pipeline:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Artifact Signer-cpe:/a:redhat:trusted_artifact_signer:1
Red HatRed Hat Trusted Profile Analyzer-cpe:/a:redhat:trusted_profile_analyzer:1

II. Public POCs for CVE-2025-8556

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-8556

登录查看更多情报信息。

IV. Related Vulnerabilities

Same weakness: CWE-1287

V. Comments for CVE-2025-8556

No comments yet

Leave a comment