Common Weakness Enumeration

CWE-733

Allowed

Compiler Optimization Removal or Modification of Security-critical Code

Abstraction: Base · Status: Incomplete

The developer builds a security-critical protection mechanism into the software, but the compiler optimizes the program such that the mechanism is removed or modified.

13 vulnerabilities reference this CWE, most recent first.

CVE-2025-52496 (GCVE-0-2025-52496)

Vulnerability from cvelistv5 – Published: 2025-07-04 00:00 – Updated: 2025-11-03 20:05
VLAI
Summary
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-733 - Compiler Optimization Removal or Modification of Security-critical Code
Assigner
Impacted products
Vendor Product Version
Mbed mbedtls Affected: 0 , < 3.6.4 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52496",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T14:07:04.979045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T14:29:52.443Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-1.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:50.713Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00013.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "mbedtls",
          "vendor": "Mbed",
          "versions": [
            {
              "lessThan": "3.6.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:mbed:mbedtls:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.6.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-733",
              "description": "CWE-733 Compiler Optimization Removal or Modification of Security-critical Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-04T14:49:39.056Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-1.md"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-52496",
    "datePublished": "2025-07-04T00:00:00.000Z",
    "dateReserved": "2025-06-17T00:00:00.000Z",
    "dateUpdated": "2025-11-03T20:05:50.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-20241 (GCVE-0-2025-20241)

Vulnerability from cvelistv5 – Published: 2025-08-27 16:23 – Updated: 2025-08-27 18:18
VLAI
Title
Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol <TBD> Denial of Service Vulnerability
Summary
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-733 - Compiler Optimization Removal or Modification of Security-critical Code
Assigner
Impacted products
Vendor Product Version
Cisco Cisco NX-OS Software Affected: 9.2(3)
Affected: 7.0(3)I5(2)
Affected: 6.0(2)A8(7a)
Affected: 7.0(3)I4(5)
Affected: 7.0(3)I4(6)
Affected: 7.0(3)I4(3)
Affected: 9.2(2v)
Affected: 7.0(3)I4(7)
Affected: 7.0(3)I4(1)
Affected: 7.0(3)I4(8)
Affected: 7.0(3)I4(2)
Affected: 6.0(2)A8(11)
Affected: 9.2(1)
Affected: 9.2(2t)
Affected: 9.2(3y)
Affected: 7.0(3)I4(1t)
Affected: 7.0(3)I7(6z)
Affected: 9.3(2)
Affected: 7.0(3)F3(3)
Affected: 7.0(3)I7(3z)
Affected: 7.0(3)IM7(2)
Affected: 6.0(2)A8(11b)
Affected: 7.0(3)I7(5a)
Affected: 7.0(3)I6(1)
Affected: 7.0(3)I5(3b)
Affected: 9.2(4)
Affected: 6.0(2)A8(10)
Affected: 6.0(2)A8(2)
Affected: 7.0(3)IC4(4)
Affected: 7.0(3)F3(3c)
Affected: 7.0(3)F3(1)
Affected: 7.0(3)F3(5)
Affected: 7.0(3)I7(2)
Affected: 7.0(3)I5(3)
Affected: 7.0(3)I7(3)
Affected: 6.0(2)A8(6)
Affected: 7.0(3)I6(2)
Affected: 6.0(2)A8(5)
Affected: 9.3(1)
Affected: 6.0(2)A8(7)
Affected: 7.0(3)I7(6)
Affected: 6.0(2)A8(11a)
Affected: 7.0(3)I4(8z)
Affected: 7.0(3)I4(9)
Affected: 7.0(3)I7(4)
Affected: 7.0(3)I7(7)
Affected: 6.0(2)A8(9)
Affected: 6.0(2)A8(1)
Affected: 6.0(2)A8(10a)
Affected: 7.0(3)I5(1)
Affected: 9.3(1z)
Affected: 9.2(2)
Affected: 7.0(3)F3(4)
Affected: 7.0(3)I4(8b)
Affected: 6.0(2)A8(3)
Affected: 7.0(3)I4(6t)
Affected: 7.0(3)I5(3a)
Affected: 6.0(2)A8(8)
Affected: 7.0(3)I7(5)
Affected: 7.0(3)F3(3a)
Affected: 6.0(2)A8(4)
Affected: 7.0(3)I4(8a)
Affected: 7.0(3)F3(2)
Affected: 7.0(3)I4(4)
Affected: 7.0(3)I7(1)
Affected: 7.0(3)IA7(2)
Affected: 7.0(3)IA7(1)
Affected: 6.0(2)A8(7b)
Affected: 6.0(2)A8(4a)
Affected: 9.3(3)
Affected: 7.0(3)I7(8)
Affected: 9.3(4)
Affected: 9.3(5)
Affected: 7.0(3)I7(9)
Affected: 9.3(6)
Affected: 10.1(2)
Affected: 10.1(1)
Affected: 9.3(5w)
Affected: 9.3(7)
Affected: 9.3(7k)
Affected: 7.0(3)I7(9w)
Affected: 10.2(1)
Affected: 9.3(7a)
Affected: 9.3(8)
Affected: 7.0(3)I7(10)
Affected: 10.2(1q)
Affected: 10.2(2)
Affected: 9.3(9)
Affected: 10.1(2t)
Affected: 10.2(3)
Affected: 10.2(3t)
Affected: 9.3(10)
Affected: 10.2(2a)
Affected: 10.3(1)
Affected: 10.2(4)
Affected: 10.3(2)
Affected: 9.3(11)
Affected: 10.3(3)
Affected: 10.2(5)
Affected: 9.3(12)
Affected: 10.2(3v)
Affected: 10.4(1)
Affected: 10.3(99w)
Affected: 10.2(6)
Affected: 10.3(3w)
Affected: 10.3(99x)
Affected: 10.3(3o)
Affected: 10.3(4)
Affected: 10.3(3p)
Affected: 10.3(4a)
Affected: 10.4(2)
Affected: 10.3(3q)
Affected: 9.3(13)
Affected: 10.3(5)
Affected: 10.2(7)
Affected: 10.4(3)
Affected: 10.3(3x)
Affected: 10.3(4g)
Affected: 10.5(1)
Affected: 10.2(8)
Affected: 10.3(3r)
Affected: 10.3(6)
Affected: 9.3(14)
Affected: 10.4(4)
Affected: 10.3(4h)
Affected: 10.5(2)
Affected: 10.4(4g)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20241",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-27T18:18:19.522793Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T18:18:32.250Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco NX-OS Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.2(3)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I5(2)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(7a)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(5)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(6)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(3)"
            },
            {
              "status": "affected",
              "version": "9.2(2v)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(7)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(1)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(8)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(2)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(11)"
            },
            {
              "status": "affected",
              "version": "9.2(1)"
            },
            {
              "status": "affected",
              "version": "9.2(2t)"
            },
            {
              "status": "affected",
              "version": "9.2(3y)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(1t)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(6z)"
            },
            {
              "status": "affected",
              "version": "9.3(2)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(3)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(3z)"
            },
            {
              "status": "affected",
              "version": "7.0(3)IM7(2)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(11b)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(5a)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I6(1)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I5(3b)"
            },
            {
              "status": "affected",
              "version": "9.2(4)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(10)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(2)"
            },
            {
              "status": "affected",
              "version": "7.0(3)IC4(4)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(3c)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(1)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(5)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(2)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I5(3)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(3)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(6)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I6(2)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(5)"
            },
            {
              "status": "affected",
              "version": "9.3(1)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(7)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(6)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(11a)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(8z)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(9)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(4)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(7)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(9)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(1)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(10a)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I5(1)"
            },
            {
              "status": "affected",
              "version": "9.3(1z)"
            },
            {
              "status": "affected",
              "version": "9.2(2)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(4)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(8b)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(3)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(6t)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I5(3a)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(8)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(5)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(3a)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(4)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(8a)"
            },
            {
              "status": "affected",
              "version": "7.0(3)F3(2)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I4(4)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(1)"
            },
            {
              "status": "affected",
              "version": "7.0(3)IA7(2)"
            },
            {
              "status": "affected",
              "version": "7.0(3)IA7(1)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(7b)"
            },
            {
              "status": "affected",
              "version": "6.0(2)A8(4a)"
            },
            {
              "status": "affected",
              "version": "9.3(3)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(8)"
            },
            {
              "status": "affected",
              "version": "9.3(4)"
            },
            {
              "status": "affected",
              "version": "9.3(5)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(9)"
            },
            {
              "status": "affected",
              "version": "9.3(6)"
            },
            {
              "status": "affected",
              "version": "10.1(2)"
            },
            {
              "status": "affected",
              "version": "10.1(1)"
            },
            {
              "status": "affected",
              "version": "9.3(5w)"
            },
            {
              "status": "affected",
              "version": "9.3(7)"
            },
            {
              "status": "affected",
              "version": "9.3(7k)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(9w)"
            },
            {
              "status": "affected",
              "version": "10.2(1)"
            },
            {
              "status": "affected",
              "version": "9.3(7a)"
            },
            {
              "status": "affected",
              "version": "9.3(8)"
            },
            {
              "status": "affected",
              "version": "7.0(3)I7(10)"
            },
            {
              "status": "affected",
              "version": "10.2(1q)"
            },
            {
              "status": "affected",
              "version": "10.2(2)"
            },
            {
              "status": "affected",
              "version": "9.3(9)"
            },
            {
              "status": "affected",
              "version": "10.1(2t)"
            },
            {
              "status": "affected",
              "version": "10.2(3)"
            },
            {
              "status": "affected",
              "version": "10.2(3t)"
            },
            {
              "status": "affected",
              "version": "9.3(10)"
            },
            {
              "status": "affected",
              "version": "10.2(2a)"
            },
            {
              "status": "affected",
              "version": "10.3(1)"
            },
            {
              "status": "affected",
              "version": "10.2(4)"
            },
            {
              "status": "affected",
              "version": "10.3(2)"
            },
            {
              "status": "affected",
              "version": "9.3(11)"
            },
            {
              "status": "affected",
              "version": "10.3(3)"
            },
            {
              "status": "affected",
              "version": "10.2(5)"
            },
            {
              "status": "affected",
              "version": "9.3(12)"
            },
            {
              "status": "affected",
              "version": "10.2(3v)"
            },
            {
              "status": "affected",
              "version": "10.4(1)"
            },
            {
              "status": "affected",
              "version": "10.3(99w)"
            },
            {
              "status": "affected",
              "version": "10.2(6)"
            },
            {
              "status": "affected",
              "version": "10.3(3w)"
            },
            {
              "status": "affected",
              "version": "10.3(99x)"
            },
            {
              "status": "affected",
              "version": "10.3(3o)"
            },
            {
              "status": "affected",
              "version": "10.3(4)"
            },
            {
              "status": "affected",
              "version": "10.3(3p)"
            },
            {
              "status": "affected",
              "version": "10.3(4a)"
            },
            {
              "status": "affected",
              "version": "10.4(2)"
            },
            {
              "status": "affected",
              "version": "10.3(3q)"
            },
            {
              "status": "affected",
              "version": "9.3(13)"
            },
            {
              "status": "affected",
              "version": "10.3(5)"
            },
            {
              "status": "affected",
              "version": "10.2(7)"
            },
            {
              "status": "affected",
              "version": "10.4(3)"
            },
            {
              "status": "affected",
              "version": "10.3(3x)"
            },
            {
              "status": "affected",
              "version": "10.3(4g)"
            },
            {
              "status": "affected",
              "version": "10.5(1)"
            },
            {
              "status": "affected",
              "version": "10.2(8)"
            },
            {
              "status": "affected",
              "version": "10.3(3r)"
            },
            {
              "status": "affected",
              "version": "10.3(6)"
            },
            {
              "status": "affected",
              "version": "9.3(14)"
            },
            {
              "status": "affected",
              "version": "10.4(4)"
            },
            {
              "status": "affected",
              "version": "10.3(4h)"
            },
            {
              "status": "affected",
              "version": "10.5(2)"
            },
            {
              "status": "affected",
              "version": "10.4(4g)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.\r\n\r\nThis vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition.\r\nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-733",
              "description": "Compiler Optimization Removal or Modification of Security-critical Code",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-27T16:23:55.242Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-n39k-isis-dos-JhJA8Rfx",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx"
        }
      ],
      "source": {
        "advisory": "cisco-sa-n39k-isis-dos-JhJA8Rfx",
        "defects": [
          "CSCwn49153"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol \u003cTBD\u003e Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20241",
    "datePublished": "2025-08-27T16:23:55.242Z",
    "dateReserved": "2024-10-10T19:15:13.238Z",
    "dateUpdated": "2025-08-27T18:18:32.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-58262 (GCVE-0-2024-58262)

Vulnerability from cvelistv5 – Published: 2025-07-27 00:00 – Updated: 2025-07-28 18:55
VLAI
Summary
The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-733 - Compiler Optimization Removal or Modification of Security-critical Code
Assigner
Impacted products
Vendor Product Version
dalek-cryptography curve25519-dalek Affected: 0 , < 4.1.3 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-58262",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-28T15:25:33.472258Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-28T18:55:22.149Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "curve25519-dalek",
          "vendor": "dalek-cryptography",
          "versions": [
            {
              "lessThan": "4.1.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-733",
              "description": "CWE-733 Compiler Optimization Removal or Modification of Security-critical Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-27T19:41:32.189Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://rustsec.org/advisories/RUSTSEC-2024-0344.html"
        },
        {
          "url": "https://github.com/dalek-cryptography/curve25519-dalek/pull/659"
        },
        {
          "url": "https://crates.io/crates/curve25519-dalek"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-58262",
    "datePublished": "2025-07-27T00:00:00.000Z",
    "dateReserved": "2025-07-27T00:00:00.000Z",
    "dateUpdated": "2025-07-28T18:55:22.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-15294 (GCVE-0-2020-15294)

Vulnerability from cvelistv5 – Published: 2020-12-17 16:50 – Updated: 2024-09-16 19:40
VLAI
Title
Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)
Summary
Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.
CWE
  • CWE-733 - Compiler Optimization Removal or Modification of Security-critical Code
Assigner
References
Impacted products
Vendor Product Version
Bitdefender Hypervisor Introspection Affected: unspecified , < 1.132.2 (custom)
Create a notification for this product.
Date Public
2020-12-17 00:00
Credits
Ilja Van Sprundel from IOActive
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:15:19.042Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Hypervisor Introspection",
          "vendor": "Bitdefender",
          "versions": [
            {
              "lessThan": "1.132.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ilja Van Sprundel from IOActive"
        }
      ],
      "datePublic": "2020-12-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-733",
              "description": "CWE-733: Compiler Optimization Removal or Modification of Security-critical Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-17T16:50:18.000Z",
        "orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
        "shortName": "Bitdefender"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The issue has been fixed in Introcore 1.132.2."
        }
      ],
      "source": {
        "defect": [
          "VA-9339"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve-requests@bitdefender.com",
          "DATE_PUBLIC": "2020-12-17T19:00:00.000Z",
          "ID": "CVE-2020-15294",
          "STATE": "PUBLIC",
          "TITLE": "Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Hypervisor Introspection",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "1.132.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Bitdefender"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Ilja Van Sprundel from IOActive"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-733: Compiler Optimization Removal or Modification of Security-critical Code"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/",
              "refsource": "MISC",
              "url": "https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The issue has been fixed in Introcore 1.132.2."
          }
        ],
        "source": {
          "defect": [
            "VA-9339"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
    "assignerShortName": "Bitdefender",
    "cveId": "CVE-2020-15294",
    "datePublished": "2020-12-17T16:50:18.250Z",
    "dateReserved": "2020-06-25T00:00:00.000Z",
    "dateUpdated": "2024-09-16T19:40:28.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-4885-5PCH-3X6M

Vulnerability from github – Published: 2026-06-16 15:33 – Updated: 2026-07-15 12:31
VLAI
Details

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-12299"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-733",
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-16T13:16:30Z",
    "severity": "MODERATE"
  },
  "details": "JIT miscompilation in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37.",
  "id": "GHSA-4885-5pch-3x6m",
  "modified": "2026-07-15T12:31:49Z",
  "published": "2026-06-16T15:33:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12299"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-61"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-60"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-59"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-58"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-57"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-12299.json"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489212"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2043139"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-12299"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:39706"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:39428"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:39142"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:39141"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:39011"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:38753"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:38751"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:38750"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:38506"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:37391"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:37210"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:36103"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:36102"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:36101"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:36100"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:33445"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:30846"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:29940"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:27734"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:27733"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:27717"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HFF-HH47-7788

Vulnerability from github – Published: 2025-07-27 21:32 – Updated: 2025-07-28 15:46
VLAI
Summary
Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-x4gp-pqpj-f43q. This link is maintained to preserve external references.

Original Description

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "curve25519-dalek"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-733"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-28T15:46:04Z",
    "nvd_published_at": "2025-07-27T20:15:25Z",
    "severity": "LOW"
  },
  "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-x4gp-pqpj-f43q. This link is maintained to preserve external references.\n\n### Original Description\nThe curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM.",
  "id": "GHSA-4hff-hh47-7788",
  "modified": "2025-07-28T15:46:04Z",
  "published": "2025-07-27T21:32:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58262"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dalek-cryptography/curve25519-dalek/pull/659"
    },
    {
      "type": "WEB",
      "url": "https://crates.io/crates/curve25519-dalek"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dalek-cryptography/curve25519-dalek"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2024-0344.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`\u0027s `Scalar29::sub`/`Scalar52::sub`",
  "withdrawn": "2025-07-28T15:46:04Z"
}

GHSA-9XHV-JRCW-J6FJ

Vulnerability from github – Published: 2025-08-27 18:31 – Updated: 2025-08-27 18:31
VLAI
Details

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.

This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20241"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-733"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-27T17:15:34Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.\n\nThis vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition.\nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.",
  "id": "GHSA-9xhv-jrcw-j6fj",
  "modified": "2025-08-27T18:31:54Z",
  "published": "2025-08-27T18:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20241"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CJ36-HXHV-2QXH

Vulnerability from github – Published: 2026-03-24 15:30 – Updated: 2026-06-30 03:35
VLAI
Details

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-733",
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-24T13:16:05Z",
    "severity": "CRITICAL"
  },
  "details": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 149, Firefox ESR \u003c 115.34, and Firefox ESR \u003c 140.9.",
  "id": "GHSA-cj36-hxhv-2qxh",
  "modified": "2026-06-30T03:35:59Z",
  "published": "2026-03-24T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4698"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:5930"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8287"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8288"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8289"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8290"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8315"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8427"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8850"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-4698"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020906"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450719"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4698.json"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-20"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-21"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-22"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-23"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-24"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:5931"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:5932"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:6188"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:6342"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:6917"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7837"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7838"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7839"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7840"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7841"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7842"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7843"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7845"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7858"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8284"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8285"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:8286"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HMRH-MQV8-RVVR

Vulnerability from github – Published: 2026-06-02 21:30 – Updated: 2026-06-30 03:36
VLAI
Details

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10702"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-733",
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-02T20:16:33Z",
    "severity": "MODERATE"
  },
  "details": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.",
  "id": "GHSA-hmrh-mqv8-rvvr",
  "modified": "2026-06-30T03:36:54Z",
  "published": "2026-06-02T21:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10702"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-10702"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2040903"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484118"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-10702.json"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-54"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HVH4-5QR6-3V7R

Vulnerability from github – Published: 2024-06-05 16:56 – Updated: 2024-06-05 18:36
VLAI
Summary
Observable Timing Discrepancy in pypqc
Details

Impact

kyber512, kyber768, and kyber1024 on Mac OS (or when compiled with clang) only: An attacker able to submit many decapsulation requests against a single private key, and to gain timing information about the decapsulation, could recover the private key. Proof-of-concept exploit exists for a local attacker.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:U/RC:C

Patches

No patch is currently available / pending upstream PQClean#556.

Workarounds

No workarounds have been reported. The 0.0.7 -> 0.0.7.1 upgrade, when available, should be a drop-in replacement.

References

https://pqshield.com/pqshield-plugs-timing-leaks-in-kyber-ml-kem-to-improve-pqc-implementation-maturity/

https://github.com/antoonpurnal/clangover

https://www.github.com/PQClean/PQClean/issues/556

https://www.github.com/pq-crystals/kyber/commit/9b8d30698a3e7449aeb34e62339d4176f11e3c6c

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pypqc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.4"
            },
            {
              "last_affected": "0.0.6.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-385",
      "CWE-733"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-05T16:56:35Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Impact\n`kyber512`, `kyber768`, and `kyber1024` on Mac OS \\(or when compiled with clang\\) only: An attacker able to submit many decapsulation requests against a single private key, and to gain timing information about the decapsulation, could recover the private key. Proof-of-concept exploit exists for a local attacker.\n\nCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:U/RC:C  \n\n### Patches\nNo patch is currently available / pending upstream [PQClean#556](https://github.com/PQClean/PQClean/issues/556).\n\n### Workarounds\nNo workarounds have been reported. The 0.0.7 -\u003e 0.0.7.1 upgrade, when available, should be a drop-in replacement\u003c!--; it has no known breaking changes--\u003e.\n\n### References\n\nhttps://pqshield.com/pqshield-plugs-timing-leaks-in-kyber-ml-kem-to-improve-pqc-implementation-maturity/\n\nhttps://github.com/antoonpurnal/clangover\n\nhttps://www.github.com/PQClean/PQClean/issues/556\n\nhttps://www.github.com/pq-crystals/kyber/commit/9b8d30698a3e7449aeb34e62339d4176f11e3c6c",
  "id": "GHSA-hvh4-5qr6-3v7r",
  "modified": "2024-06-05T18:36:15Z",
  "published": "2024-06-05T16:56:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/JamesTheAwesomeDude/pypqc/security/advisories/GHSA-hvh4-5qr6-3v7r"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PQClean/PQClean/issues/556"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/JamesTheAwesomeDude/pypqc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:U/RC:C",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Observable Timing Discrepancy in pypqc"
}

No mitigation information available for this CWE.

CAPEC-10: Buffer Overflow via Environment Variables

This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the adversary finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.

CAPEC-24: Filter Failure through Buffer Overflow

In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).

CAPEC-46: Overflow Variables and Tags

This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The adversary crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.

CAPEC-8: Buffer Overflow in an API Call

This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An adversary who has knowledge of known vulnerable libraries or shared code can easily target software that makes use of these libraries. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.

CAPEC-9: Buffer Overflow in Local Command-Line Utilities

This attack targets command-line utilities available in a number of shells. An adversary can leverage a vulnerability found in a command-line utility to escalate privilege to root.