admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-12-16 10:44:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2025/CVE-2025-228xx/CVE-2025-22866.json
cad-safe-bot 9e1fad94ca Auto-Update: 2025-02-21T19:00:34.974656+00:00
2025-02-21 19:04:04 +00:00

64 lines
2.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2025-22866",
"sourceIdentifier": "security@golang.org",
"published": "2025-02-06T17:15:21.410",
"lastModified": "2025-02-21T18:15:32.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols."
},
{
"lang": "es",
"value": "Debido al uso de una instrucci\u00f3n de tiempo variable en la implementaci\u00f3n de ensamblaje de una funci\u00f3n interna, se filtra una peque\u00f1a cantidad de bits de escalares secretos en la arquitectura ppc64le. Debido a la forma en que se utiliza esta funci\u00f3n, no creemos que esta filtraci\u00f3n sea suficiente para permitir la recuperaci\u00f3n de la clave privada cuando se utiliza P-256 en cualquier protocolo conocido."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://go.dev/cl/643735",
"source": "security@golang.org"
},
{
"url": "https://go.dev/issue/71383",
"source": "security@golang.org"
},
{
"url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k",
"source": "security@golang.org"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3447",
"source": "security@golang.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250221-0002/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink