CVE-2023-24533

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-24533

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24533.json

Aliases

GHSA-f6hc-9g49-xmx7
GO-2023-1595

Published

2023-03-08T20:15:09Z

Modified

2023-11-29T09:53:36.674426Z

Details

Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.

References

https://github.com/FiloSottile/nistec/commit/c58aa1223ccf3943513e1e661cebce95af137244
https://go.dev/issue/58647
https://pkg.go.dev/vuln/GO-2023-1595

Affected packages

Git / github.com/FiloSottile/nistec

Affected ranges

Type: GIT
Repo: https://github.com/FiloSottile/nistec
Events: Introduced

0The exact introduced commit is unknown

Fixed

c58aa1223ccf3943513e1e661cebce95af137244

Type: GIT
Repo: https://github.com/filosottile/nistec
Events: Introduced

0The exact introduced commit is unknown

Fixed

c58aa1223ccf3943513e1e661cebce95af137244

Affected versions

v0.*

v0.0.1