github.com/cloudflare/circl

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/cloudflare/circlpage 1 of 1

CVE-2023-1732MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.3.3
2023-05-10
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predi…
CVE-2025-8556LOWCVSS 3.7EG 3.7✓ Fixed in 1.6.1
2025-08-06
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

Check whether github.com/cloudflare/circl is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/cloudflare/circl CVEs against the assets you own.

Start Free Scan →