4 matches found
CVE-2022-44310
creationtimestamp| type| source ---|---|--- 2023-02-24 22:19:23+00:00| seen| https://t.me/cibsecurity/58889...
CVE-2022-44310
In Development IL ecdh before 0.2.0, an attacker can send an invalid point not on the curve as the public key, and obtain the derived shared secret...
CVE-2022-44310
In Development IL ecdh before 0.2.0, an attacker can send an invalid point not on the curve as the public key, and obtain the derived shared secret...
CVE-2022-44310
CVE-2022-44310 affects the ecdh.js Node.js native module by Development IL, prior to version 0.2.0. The vulnerability arises when an attacker supplies a public key point that is not on the curve, allowing them to derive the shared secret due to improper validation of the point. This can lead to e...