CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
20.4%
github.com/ecies/go is vulnerable to Private Key Restoration. The vulnerability arises due to the Encapsulate()
and Decapsulate()
functions, which allows an attacker to possibly recover the private key due to an Invalid Curve Point. .