Astra Linux - уязвимость в golang-1.19

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return incorrect results if called with certain specific unreduced scalars scalars that are larger than the order of the curve. This does not affect the usage of crypto/ecdsa or crypto/ecdh...

EUVD-2017-17872

Malware in sbrugna...

EUVD-2021-1520

Malware in sbrugna...

EUVD-2023-28550

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: golang (CVE-2023-24532)

The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-24532 advisory. - The ScalarMult and ScalarBaseMult methods of the P256 Curve May return an incorrect result if called with so...

CVE-2017-1000168

sodiumoxide 0.0.13 and older scalarmult vulnerable to degenerate public keys...

Linux Distros Unpatched Vulnerability : CVE-2023-24532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than t...

BIT-GOLANG-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an incorrect result in the ScalarMult and ScalarBaseMult methods in Golang Go (CVE-2023-24532)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an incorrect result in the ScalarMult and ScalarBaseMult methods in Golang Go with an unknown impact and attack vector.CVE-2023-24532. Golang Go is included in the operators used by our...

Security Bulletin: Operations Dashboard is vulnerable to unspecified errors due to Go (CVE-2023-24532)

Summary Operations Dashboard is vulnerable to unspecified errors due to Go CVE-2023-24532 with details below. Vulnerability Details CVEID:CVE-2023-24532 DESCRIPTION: An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods of the P256 Curve in Golang Go ha...

Security Bulletin: IBM Event Streams is affected by vulnerabilities in Golang Go (CVE-2022-41724, CVE-2023-24532)

Summary These security vulnerabilities affect Golang Go that is used by IBM Event Streams. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending specially-crafted TLS handsha...

CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

Code injection

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

CVE-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

CVE-2023-24532

CVE-2023-24532 involves the ScalarMult and ScalarBaseMult methods on the Go golang P256 curve. The vulnerability can yield an incorrect result when invoked with certain unreduced scalars larger than the curve order. The issue does not affect usages of crypto/ecdsa or crypto/ecdh. Public advisorie...

CVE-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

GO-2023-1621 Incorrect calculation on P256 curves in crypto/internal/nistec

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

Allocation of Resources Without Limits or Throttling

Overview std/crypto/internal/nistec is a Go standard library package std/crypto/internal/nistec Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: in the ScalarMult or ScalarBaseMult process when provided with certain...

FreeBSD : go -- crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results (742279d6-bdbe-11ed-a179-2b68e9d12706)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 742279d6-bdbe-11ed-a179-2b68e9d12706 advisory. - The Go project reports: crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results The...