cve/CVE-2022-23806.md at c052d0d6949679697108fa931a00cd4220694869

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-31 10:40:54 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

951 B

Raw Blame History

CVE-2022-23806

Description

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

POC

Reference

https://www.oracle.com/security-alerts/cpujul2022.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/MNeverOff/ipmi-server
https://github.com/MrE-Fog/cryptofuzz
https://github.com/guidovranken/cryptofuzz
https://github.com/henriquebesing/container-security
https://github.com/kb5fls/container-security
https://github.com/ruzickap/malware-cryptominer-container

951 B Raw Blame History

CVE-2022-23806

Description

POC

Reference

Github

951 B

Raw Blame History