Lucene search
+L

17 matches found

OSV
OSV
added 2024/03/06 10:57 a.m.27 views

BIT-GOLANG-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS7.3AI score0.0081EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/25 8:10 a.m.3 views

golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results

A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecds...

5.3CVSS6.6AI score0.0081EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/05/25 7:58 a.m.5 views

golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results

A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecds...

5.3CVSS6.6AI score0.0081EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/03/10 4:2 a.m.5 views

SUSE CVE-2023-24533

Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this...

7.5CVSS7AI score0.00674EPSS
Exploits0References3
OSV
OSV
added 2023/03/08 8:15 p.m.1 views

DEBIAN-CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS6.2AI score0.0081EPSS
Exploits0References1
OSV
OSV
added 2023/03/08 8:15 p.m.6 views

AZL-37373 CVE-2023-24532 affecting package golang for versions less than 1.21.6-1

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS6.6AI score0.0081EPSS
Exploits0References1
OSV
OSV
added 2023/03/08 8:15 p.m.8 views

AZL-37385 CVE-2023-24532 affecting package golang for versions less than 1.21.6-1

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS6.6AI score0.0081EPSS
Exploits0References1
OSV
OSV
added 2023/03/08 8:15 p.m.5 views

AZL-52875 CVE-2023-24532 affecting package golang for versions less than 1.20.2-1

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS6.6AI score0.0081EPSS
Exploits0References1
NVD
NVD
added 2023/03/08 8:15 p.m.29 views

CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS7.2AI score0.0081EPSS
Exploits0References5
OSV
OSV
added 2023/03/08 8:15 p.m.6 views

AZL-78976 CVE-2023-24532 affecting package golang 1.25.7-1

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS6.6AI score0.0081EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/08 7:40 p.m.22 views

CVE-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

6.8AI score0.0081EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/08 7:40 p.m.46 views

CVE-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

7.5AI score0.0081EPSS
Exploits0References4
OSV
OSV
added 2023/03/08 7:30 p.m.45 views

GO-2023-1621 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS7.4AI score0.0081EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/03/08 4:0 a.m.3 views

SUSE CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

7.4CVSS6.5AI score0.0081EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2023/03/08 12:0 a.m.48 views

CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

5.3CVSS6.8AI score0.0081EPSS
Exploits0References6
OSV
OSV
added 2023/03/01 10:36 p.m.57 views

GHSA-F6HC-9G49-XMX7 nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars

Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this. From the fix commit notes: Unlike the rest of nistec, the P-256 assembly doesn't use complete addition formulas, meaning that...

7.5CVSS7.3AI score0.00674EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.1 views

PT-2023-19679 · Filippo.Io/Nistec +3 · Filippo.Io/Nistec +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns the multiplication of certain unreduced P-256 scalars, which can produce incorrect results. However, there are no known protocols tha...

7.5CVSS7.2AI score0.00674EPSS
Exploits0References9
Rows per page
Query Builder