exploitDog

CVE-2025-13912

Опубликовано: 11 дек. 2025

Источник: nvd

EPSS Низкий

Описание

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

Ссылки

https://github.com/wolfSSL/wolfssl/pull/9148

EPSS

Процентиль: 4%

0.00019

Низкий

Дефекты

CWE-203

Связанные уязвимости

CVE-2025-13912

ubuntu

около 2 месяцев назад

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

CVE-2025-13912

msrc

около 1 месяца назад

Potential non-constant time compiled code with Clang LLVM

CVE-2025-13912

debian

около 2 месяцев назад

Multiple constant-time implementations in wolfSSL before version 5.8.4 ...

GHSA-7582-g6xx-939j

github

около 2 месяцев назад

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

EPSS

Процентиль: 4%

0.00019

Низкий

Дефекты

CWE-203