blob: aebb228f87267a4199bfc85841d306bb52a42e50 [file] [log] [blame]
id: GO-2023-2380
modules:
- module: github.com/ecies/go/v2
versions:
- fixed: 2.0.8
vulnerable_at: 2.0.7
packages:
- package: github.com/ecies/go/v2
symbols:
- PrivateKey.Encapsulate
- PrivateKey.ECDH
- PublicKey.Decapsulate
derived_symbols:
- Decrypt
- Encrypt
summary: Private key recovery via invalid curve point in github.com/ecies/go/v2
description: |-
An attacker may be able to recover private keys due to a bug in the ECDH
function.
The library does not check whether the provided public key is on the curve,
which means that an attacker can create a public key that is not on the curve
and use it to recover the private key.
A workaround is to manually check that the public key is valid by calling the
IsOnCurve function from the secp256k1 libraries.
cves:
- CVE-2023-49292
ghsas:
- GHSA-8j98-cjfr-qx3h
references:
- advisory: https://github.com/ecies/go/security/advisories/GHSA-8j98-cjfr-qx3h
- fix: https://github.com/ecies/go/commit/c6e775163866d6ea5233eb8ec8530a9122101ebd
- web: https://github.com/ashutosh1206/Crypton/blob/master/Diffie-Hellman-Key-Exchange/Attack-Invalid-Curve-Point/README.md
review_status: REVIEWED