Security Bulletin: Astronomer with IBM is vulnerable to session security compromise due to the CIRCL package (CVE-2025-8556)

Summary CIRCL is used by Astronomer with IBM as part of crytographic processing functionality. Vulnerability Details CVEID:CVE-2025-8556 DESCRIPTION: A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via...

EUVD-2025-29444

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-8556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point...

UBUNTU-CVE-2025-8556

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange...

CVE-2025-8556

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange. Mitigation Mitigation for this issue is either not availabl...

GO-2025-3754 CIRCL-Fourq: Missing and wrong validation can lead to incorrect results in github.com/cloudflare/circl

CIRCL-Fourq: Missing and wrong validation can lead to incorrect results in github.com/cloudflare/circl...