CVE-2025-13912

Low CVSS: 1.0

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

Vendor

Product

CWE

CWE-203

Yayın Tarihi

2025-12-11 18:16:19

Güncelleme

2025-12-12 15:18:13

Source Identifier

facts@wolfssl.com

KEV Date Added

Kategoriler

CWE-203 LOW 2025

Referanslar

https://github.com/wolfSSL/wolfssl/pull/9148