Описание
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.
Отчет
OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Serverless | CLI | Affected | ||
| OpenShift Serverless | knative-eventing | Affected | ||
| OpenShift Service Mesh 1 | ior | Out of support scope | ||
| OpenShift Service Mesh 1 | kiali | Out of support scope | ||
| OpenShift Service Mesh 1 | servicemesh | Out of support scope | ||
| OpenShift Service Mesh 1 | servicemesh-cni | Out of support scope | ||
| OpenShift Service Mesh 1 | servicemesh-grafana | Out of support scope | ||
| OpenShift Service Mesh 1 | servicemesh-operator | Out of support scope | ||
| OpenShift Service Mesh 1 | servicemesh-prometheus | Out of support scope | ||
| OpenShift Service Mesh 1 | servicemesh-proxy | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go ...
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
EPSS
6.5 Medium
CVSS3