4 matches found
openSUSE 15 Security Update : go1.16 (openSUSE-SU-2022:0724-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0724-1 advisory. - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...
Design/Logic Flaw
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
PT-2022-7693 · Google +7 · Go +7
Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.16.14 Go versions 1.17.x prior to 1.17.7 Description: The issue is related to the Curve.IsOnCurve component in the Golang programming language, which is associated with incorrect checking of the return value of a method...
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...