Vulnerabilities > CVE-2022-28327

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
golang
fedoraproject

Summary

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.

Vulnerable Configurations

Part Description Count
Application
Golang
233
Application
Fedoraproject
2
OS
Fedoraproject
3

References