EPSS: 0.002 (Low), percentile 54.6%
When using ECDH-ES, an attacker can mount an invalid curve attack during decryption because the supplied public key is not checked to be on the same curve as the receiver's private key.
github.com/square/go-jose/commit/c7581939a3656bb65e89d64da0a52364a33d2507
www.openwall.com/lists/oss-security/2016/11/03/1
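The missing check described above, as an added Go example using only the standard library; this is not go-jose's own code or the content of the linked commit. The helper names `validateEphemeralKey`, `mustKey` and `demo` are hypothetical, and the keys are constructed at run time.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// validateEphemeralKey is a hypothetical helper (not go-jose's API): it rejects
// an ECDH-ES ephemeral public key unless it is a point on the receiver's curve.
func validateEphemeralKey(priv *ecdsa.PrivateKey, epk *ecdsa.PublicKey) error {
	if priv == nil || epk == nil || epk.Curve == nil || epk.X == nil || epk.Y == nil {
		return errors.New("epk: missing key material")
	}
	if epk.Curve.Params().Name != priv.Curve.Params().Name {
		return errors.New("epk: curve differs from receiver key")
	}
	if !priv.Curve.IsOnCurve(epk.X, epk.Y) {
		return errors.New("epk: point is not on the receiver's curve")
	}
	return nil // only now is it safe to run the ECDH scalar multiplication
}

func mustKey(c elliptic.Curve) *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(c, rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// demo validates three constructed sender keys against a fresh P-256 receiver.
func demo() (valid, offCurve, wrongCurve error) {
	receiver, sender := mustKey(elliptic.P256()), mustKey(elliptic.P256())
	// Constructed invalid point: a valid X with Y shifted by one.
	bad := &ecdsa.PublicKey{Curve: elliptic.P256(), X: sender.X,
		Y: new(big.Int).Add(sender.Y, big.NewInt(1))}
	other := mustKey(elliptic.P384())
	return validateEphemeralKey(receiver, &sender.PublicKey),
		validateEphemeralKey(receiver, bad),
		validateEphemeralKey(receiver, &other.PublicKey)
}

func main() {
	fmt.Println(demo()) // results for: valid key, off-curve point, wrong curve
}
```

The validation has to run before the key agreement step, so that the receiver's private scalar is never combined with a point the sender chose outside the expected curve.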