Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/vulndb: Go vuln in filippo.io/nistec #1595

Closed
FiloSottile opened this issue Feb 24, 2023 · 2 comments
Closed

x/vulndb: Go vuln in filippo.io/nistec #1595

FiloSottile opened this issue Feb 24, 2023 · 2 comments
Assignees
@neild
Labels
Direct External Report

Comments

@FiloSottile
Copy link
Contributor

Description

This is golang/go#58647.

Affected Modules, Packages, Versions and Symbols

Module: filippo.io/nistec
Package: filippo.io/nistec
Versions:
  - Fixed: v0.0.2
Symbols:
  - (*P256Point).p256ScalarMult
  - (*P256Point).p256BaseMult

Does this vulnerability already have an associated CVE ID?

Yes

CVE ID

CVE-2023-24532

Credit

No response

CWE ID

No response

Pull Request

No response

Commit

FiloSottile/nistec@c58aa12

References

Additional information

No response
@neild neild self-assigned this Feb 27, 2023
@neild
Copy link
Contributor

neild commented Feb 27, 2023

Thanks for the report. We're going to create separate reports for filippo.io/nistec and the stdlib fix for clarity. Assigning CVE-2023-24533 to this as pertaining to filippo.io/nistec.

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/471795 mentions this issue: data/reports: add GO-2023-1595.yaml

gopherbot pushed a commit that referenced this issue Feb 28, 2023
@neild
data/reports: add GO-2023-1595.yaml
11c9bd8 
Aliases: CVE-2023-24533

Updates #1595

Change-Id: I37356016a3a6a99686877dfea6232744aa03c808
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/471795
Run-TryBot: Damien Neil <[email protected]>
Reviewed-by: Roland Shoemaker <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
@GoVulnBot GoVulnBot mentioned this issue Mar 1, 2023
Closed
@tatianab tatianab closed this as completed Mar 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@neild neild

Labels
Direct External Report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@neild @FiloSottile @tatianab @gopherbot