In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.

References

github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871

groups.google.com/g/golang-announce/c/mperVMGa98w

lists.debian.org/debian-lts-announce/2021/03/msg00014.html

lists.debian.org/debian-lts-announce/2021/03/msg00015.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWAYJGXWC232SG3UR3TR574E6BP3OSQQ/

security.gentoo.org/glsa/202208-02

security.netapp.com/advisory/ntap-20210219-0001/

www.debian.org/security/2021/dsa-4848

nessus 39

prion 1

openvas 13

osv 11

nvd 1

ubuntucve 1

alpinelinux 1

cbl_mariner 2

debiancve 1

redhatcve 1

f5 1

redhat 29

veracode 1

cve 1

ibm 14

suse 3

amazon 1

altlinux 2

freebsd 1

oraclelinux 2

rocky 2

almalinux 2

fedora 1

photon 5

archlinux 1

debian 3

gentoo 1

nessus

EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1947)

2021-06-03 00:00:00

RHEL 7 / 8 : OpenShift Container Platform 4.7.4 (RHSA-2021:0958)

2021-03-30 00:00:00

EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-1901)

2021-05-18 00:00:00

prion

Design/Logic Flaw

2021-01-26 18:16:00

openvas

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1874)

2021-05-19 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1901)

2021-05-19 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1947)

2021-06-07 00:00:00

osv

CVE-2021-3114

2021-01-26 18:16:27

BIT-golang-2021-3114

2024-03-06 11:05:58

Incorrect operations on the P-224 curve in crypto/elliptic

2022-02-17 17:34:14

nvd

CVE-2021-3114

2021-01-26 18:16:27

ubuntucve

CVE-2021-3114

2021-01-26 00:00:00

alpinelinux

CVE-2021-3114

2021-01-26 18:16:27

cbl_mariner

CVE-2021-3114 affecting package python-tensorboard for versions less than 2.16.2-2

2024-07-24 01:44:36

CVE-2021-3114 affecting package golang 1.15.5-1

2021-07-08 21:56:48

debiancve

CVE-2021-3114

2021-01-26 18:16:27

redhatcve

CVE-2021-3114

2021-08-01 08:40:57

K15405135 : GO vulnerability CVE-2021-3114

2021-11-10 00:00:00

redhat

(RHSA-2021:0958) Moderate: OpenShift Container Platform 4.7.4 security update

2021-03-30 03:56:20

(RHSA-2022:0308) Moderate: OpenShift Container Storage 3.11.z security and bug fix update

2022-01-27 13:03:28

(RHSA-2021:2095) Moderate: Release of OpenShift Serverless Client kn 1.14.1 security update

2021-05-24 15:40:42

veracode

Insecure Cryptographic Functions

2021-01-21 15:32:43

cve

CVE-2021-3114

2021-01-26 18:16:27

ibm

Security Bulletin: A security vulnerability in GO affects IBM Cloud Automation Manager

2021-05-11 14:50:26

Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Service

2021-05-13 19:28:23

Security Bulletin: Vulnerabilities in Golang affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift (CVE-2021-3114, CVE-2021-3115)

2021-04-24 06:11:51

suse

Security update for go1.14 (moderate)

2021-01-30 00:00:00

Security update for go1.14 (moderate)

2021-01-29 00:00:00

Security update for go1.15 (moderate)

2021-01-29 00:00:00

amazon

Medium: golang

2021-02-19 01:24:00

altlinux

Security fix for the ALT Linux 9 package golang version 1.15.7-alt1

2021-01-20 00:00:00

Security fix for the ALT Linux 10 package golang version 1.15.7-alt1

2021-01-20 00:00:00

freebsd

go -- cmd/go: packages using cgo can cause arbitrary code execution at build time; crypto/elliptic: incorrect operations on the P-224 curve

2021-01-13 00:00:00

oraclelinux

go-toolset:ol8 security, bug fix, and enhancement update

2021-05-25 00:00:00

grafana security, bug fix, and enhancement update

2021-11-16 00:00:00

rocky

go-toolset:rhel8 security, bug fix, and enhancement update

2021-05-18 05:59:11

grafana security, bug fix, and enhancement update

2021-11-09 08:46:47

almalinux

Moderate: go-toolset:rhel8 security, bug fix, and enhancement update

2021-05-18 05:59:11

Moderate: grafana security, bug fix, and enhancement update

2021-11-09 08:46:47

fedora

[SECURITY] Fedora 33 Update: golang-1.15.7-1.fc33

2021-02-06 01:18:16

photon

Important Photon OS Security Update - PHSA-2021-0013

2021-04-22 00:00:00

Important Photon OS Security Update - PHSA-2021-4.0-0013

2021-04-22 00:00:00

Important Photon OS Security Update - PHSA-2021-0248

2021-06-04 00:00:00

archlinux

[ASA-202101-27] go: multiple issues

2021-01-20 00:00:00

debian

[SECURITY] [DSA 4848-1] golang-1.11 security update

2021-02-08 21:24:09

[SECURITY] [DLA 2591-1] golang-1.7 security update

2021-03-13 18:37:17

[SECURITY] [DLA 2592-1] golang-1.8 security update

2021-03-13 18:37:54

gentoo

Go: Multiple Vulnerabilities

2022-08-04 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.2

Confidence

High

EPSS

0.014

Percentile

86.6%

JSON

Related for CVELIST:CVE-2021-3114