Описание
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| golang-1.15 | fixed | 1.15.7-1 | package | |
| golang-1.11 | removed | package | ||
| golang-1.8 | removed | package | ||
| golang-1.7 | removed | package |
Примечания
https://github.com/golang/go/issues/43786
https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871 (master)
https://github.com/golang/go/commit/5c8fd727c41e31273923c32b33d4f25855f4e123 (1.15.7)
EPSS
Связанные уязвимости
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
EPSS