Some big.Int values that are not valid field elements (negative or overflowing) might cause Curve.IsOnCurve to incorrectly return true. Operating on those values may cause a panic or an invalid curve operation. Note that Unmarshal will never return such values.

CPENameOperatorVersion
stdlibge1.17.0-0
stdliblt1.17.7
stdliblt1.16.14

Name	Operator	Version
stdlib	ge	1.17.0-0
stdlib	lt	1.17.7
stdlib	lt	1.16.14

References

go.dev/cl/382455

go.dev/issue/50974

go.googlesource.com/go/+/7f9494c277a471f6f47f4af3036285c0b1419816

groups.google.com/g/golang-announce/c/SUsQn0aSgPQ

alpinelinux 1

debiancve 1

ubuntucve 1

cbl_mariner 2

prion 1

ibm 24

cve 1

redhatcve 1

osv 7

nvd 1

veracode 1

cvelist 1

nessus 41

openvas 14

suse 2

altlinux 1

debian 3

redhat 19

amazon 5

mageia 1

freebsd 1

oraclelinux 2

photon 7

almalinux 1

rocky 1

gentoo 1

oracle 1

alpinelinux

CVE-2022-23806

2022-02-11 01:15:07

debiancve

CVE-2022-23806

2022-02-11 01:15:07

ubuntucve

CVE-2022-23806

2022-02-11 00:00:00

cbl_mariner

CVE-2022-23806 affecting package golang 1.17.13-2

2022-02-25 01:45:48

CVE-2022-23806 affecting package golang for versions less than 1.18.8-3

2022-04-26 19:57:46

prion

Design/Logic Flaw

2022-02-11 01:15:00

ibm

Security Bulletin: Watson CP4D Data Stores is vulnerable to Golang Go denial of service vulnerability ( CVE-2022-23806)

2023-07-12 16:02:12

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go (CVE-2022-23806)

2023-01-12 21:59:00

Security Bulletin: Operations Dashboard is vulnerable to Go CVE-2022-23806

2022-04-08 14:54:10

cve

CVE-2022-23806

2022-02-11 01:15:07

redhatcve

CVE-2022-23806

2022-02-11 10:46:58

osv

BIT-golang-2022-23806

2024-03-06 11:02:30

CVE-2022-23806

2022-02-11 01:15:07

golang-1.7 - security update

2022-04-28 00:00:00

nvd

CVE-2022-23806

2022-02-11 01:15:07

veracode

Remote Code Execution (RCE)

2022-02-14 08:44:04

cvelist

CVE-2022-23806

2022-02-11 00:00:00

nessus

SUSE SLES15 / openSUSE 15 Security Update : google-osconfig-agent (SUSE-SU-2023:0602-1)

2023-03-03 00:00:00

SUSE SLES15 / openSUSE 15 Security Update : google-guest-agent (SUSE-SU-2023:0600-1)

2023-03-03 00:00:00

SUSE SLES12 Security Update : google-guest-agent (SUSE-SU-2023:0603-1)

2023-03-03 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2022:0724-1)

2022-03-05 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:0723-1)

2022-03-05 00:00:00

openSUSE: Security Advisory for go1.17 (openSUSE-SU-2022:0723-1)

2022-03-05 00:00:00

suse

Security update for go1.16 (important)

2022-03-04 00:00:00

Security update for go1.17 (important)

2022-03-04 00:00:00

altlinux

Security fix for the ALT Linux 10 package golang version 1.17.7-alt1

2022-02-11 00:00:00

debian

[SECURITY] [DLA 2986-1] golang-1.8 security update

2022-04-28 09:57:43

[SECURITY] [DLA 2985-1] golang-1.7 security update

2022-04-28 09:57:28

[SECURITY] [DLA 3395-1] golang-1.11 security update

2023-04-19 21:42:48

redhat

(RHSA-2022:4860) Moderate: Release of OpenShift Serverless Client kn 1.22.1

2022-06-01 09:10:05

(RHSA-2022:6094) Moderate: OpenShift Container Platform 4.10.28 packages and security update

2022-08-23 18:05:37

(RHSA-2022:5875) Moderate: OpenShift Container Platform 4.10.26 security update

2022-08-09 02:26:20

amazon

Medium: golang

2023-02-15 00:23:00

Important: golang

2022-07-06 03:11:00

Important: golang

2022-04-25 03:47:00

mageia

Updated golang packages fix security vulnerability

2022-03-08 02:10:22

freebsd

go -- multiple vulnerabilities

2022-02-10 00:00:00

oraclelinux

go-toolset:ol8addon security update

2022-06-08 00:00:00

go-toolset:ol8 security and bug fix update

2022-05-17 00:00:00

photon

Critical Photon OS Security Update - PHSA-2022-0159

2022-03-02 00:00:00

Critical Photon OS Security Update - PHSA-2022-0364

2022-02-22 00:00:00

Critical Photon OS Security Update - PHSA-2022-4.0-0159

2022-03-07 00:00:00

almalinux

Moderate: go-toolset:rhel8 security and bug fix update

2022-05-10 06:29:31

rocky

go-toolset:rhel8 security and bug fix update

2022-05-10 06:29:31

gentoo

Go: Multiple Vulnerabilities

2022-08-04 00:00:00

oracle

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.0%

JSON

Related for OSV:GO-2021-0319