CVE-2025-59350

描述

Dragonfly vulnerable to timing attacks against Proxy’s basic authentication in d7y.io/dragonfly

受影響套件(4)

• Go/d7y.io/dragonfly/v2from 0, < 2.1.0
• Go/d7y.io/dragonfly/v2from 0, < 2.1.0
• Go/github.com/dragonflyoss/dragonflyfrom 0, < 2.1.0
• Go/github.com/dragonflyoss/dragonflyfrom 0

CVSS 分數

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-59350
• PATCHhttps://github.com/dragonflyoss/dragonfly
• WEBhttps://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf
• WEBhttps://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-c2fc-9q9c-5486
• WEBhttps://pkg.go.dev/vuln/GO-2025-3972