A crafted scalar input longer than 32 bytes can cause P256().ScalarMult or P256().ScalarBaseMult to panic. Indirect uses through crypto/ecdsa and crypto/tls are unaffected. amd64, arm64, ppc64le, and s390x are unaffected.
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2022-0435" }