Lucene search
+L

5 matches found

github
github
added 2021/06/23 5:17 p.m.74 views

Elliptic Curve Key Disclosure in go-jose

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

9.1CVSS2.7AI score0.01411EPSS
Exploits0References6Affected Software2
ubuntucve
ubuntucve
added 2017/03/28 2:59 a.m.15 views

CVE-2016-9121

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

9.1CVSS7.2AI score0.01411EPSS
Exploits0References4
prion
prion
added 2017/03/28 2:59 a.m.19 views

Code injection

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

6.4CVSS6.8AI score0.01411EPSS
Exploits0References3Affected Software1
osv
osv
added 2017/03/28 2:59 a.m.21 views

CVE-2016-9121

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

9.1CVSS6.7AI score
Exploits0References3
cvelist
cvelist
added 2017/03/28 2:46 a.m.30 views

CVE-2016-9121

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

9.2AI score0.01411EPSS
Exploits0References3
Rows per page
Query Builder