Description

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

INFO

Published Date :

2025-08-06T08:48:17.946Z

Last Modified :

2025-08-06T20:24:59.905Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-8556 vulnerability.

Vendors Products
Redhat
  • Acm
  • Advanced Cluster Security
  • Ceph Storage
  • Container Native Virtualization
  • Devworkspace
  • Enterprise Linux
  • Enterprise Linux Ai
  • Multicluster Globalhub
  • Openshift
  • Openshift Ai
  • Openshift Builds
  • Openshift Custom Metrics Autoscaler
  • Openshift Gitops
  • Openshift Pipelines
  • Openstack
  • Rhdh
  • Serverless
  • Service Mesh
  • Trusted Application Pipeline
  • Trusted Artifact Signer
  • Trusted Profile Analyzer
  • Windows Machine Config
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-8556.

URL Resource
https://access.redhat.com/security/cve/CVE-2025-8556 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2371624 cve-icon cve-icon
https://github.com/cloudflare/circl cve-icon cve-icon
https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm cve-icon cve-icon
https://github.com/cloudflare/circl/tree/v1.6.1 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact