Lucene search
Veracode Vulnerability DatabaseVERACODE:44568HistoryDec 05, 2023 - 6:19 a.m.
Private Key Restoration
2023-12-0506:19:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
private key
restoration
vulnerable
invalid curve point
software
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
20.4%
github.com/ecies/go is vulnerable to Private Key Restoration. The vulnerability arises due to the Encapsulate() and Decapsulate() functions, which allows an attacker to possibly recover the private key due to an Invalid Curve Point. .
Related
cvelist
cvelist
prion
prion
Code injection
2023-12-05 00:15:00
osv
osv
github.com/ecies/go vulnerable to possible private key restoration
2023-12-05 23:30:56
Private key recovery via invalid curve point in github.com/ecies/go/v2
2023-12-11 15:30:30
CVE-2023-49292
2023-12-05 00:15:09
nvd
nvd
CVE-2023-49292
2023-12-05 00:15:09
cve
cve
CVE-2023-49292
2023-12-05 00:15:09
alpinelinux
alpinelinux
CVE-2023-49292
2023-12-05 00:15:09
github
github
github.com/ecies/go vulnerable to possible private key restoration
2023-12-05 23:30:56
cbl_mariner
cbl_mariner
CVE-2023-49292 affecting package golang for versions less than 1.21.6-1
2024-09-30 09:32:24
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
20.4%
Related for VERACODE:44568