CVE-2022-23806

Опубликовано: 18 фев. 2022

Источник: msrc

CVSS3: 9.1

EPSS Низкий

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 4%

0.00022

Низкий

9.1 Critical

CVSS3

Связанные уязвимости

CVE-2022-23806

CVSS3: 9.1

ubuntu

больше 3 лет назад

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

CVE-2022-23806

CVSS3: 7.1

redhat

больше 3 лет назад

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

CVE-2022-23806

CVSS3: 9.1

nvd

больше 3 лет назад

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

CVE-2022-23806

CVSS3: 9.1

debian

больше 3 лет назад

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x bef ...

GHSA-8c83-vp4v-h7fq

CVSS3: 9.1

github

больше 3 лет назад

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

EPSS

Процентиль: 4%

0.00022

Низкий

9.1 Critical

CVSS3