Skip to main content

Circl

2 CVEs product

Monthly

CVE-2026-1229 Go CRITICAL PATCH Act Now

Incorrect computation in CIRCL cryptographic library's CombinedMult function for secp384r1 (P-384) curve. Produces wrong elliptic curve multiplication results for specific inputs, potentially breaking ECDSA signature verification.

Github Circl Suse Cloudflare
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2023-1732 Go HIGH PATCH This Week

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Circl
NVD GitHub
CVSS 3.1
8.2
EPSS
0.4%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Incorrect computation in CIRCL cryptographic library's CombinedMult function for secp384r1 (P-384) curve. Produces wrong elliptic curve multiplication results for specific inputs, potentially breaking ECDSA signature verification.

Github Circl Suse +1
NVD GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Circl
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy