| modules: |
| - module: github.com/square/go-jose |
| versions: |
| - fixed: 1.0.4 |
| vulnerable_at: 1.0.3 |
| packages: |
| - package: github.com/square/go-jose/cipher |
| symbols: |
| - DeriveECDHES |
| - package: github.com/square/go-jose |
| symbols: |
| - JsonWebEncryption.Decrypt |
| - rawJsonWebKey.ecPublicKey |
| - ecDecrypterSigner.decryptKey |
| derived_symbols: |
| - JsonWebKey.UnmarshalJSON |
| summary: 'TODO(https://go.dev/issue/56443): fill in summary field' |
| description: | |
| When using ECDH-ES an attacker can mount an invalid curve attack during |
| decryption as the supplied public key is not checked to be on the same |
| curve as the receivers private key. |
| published: 2021-04-14T20:04:52Z |
| cves: |
| - CVE-2016-9121 |
| ghsas: |
| - GHSA-86r9-39j9-99wp |
| credits: |
| - Quan Nguyen from Google's Information Security Engineering Team |
| references: |
| - fix: https://github.com/square/go-jose/commit/c7581939a3656bb65e89d64da0a52364a33d2507 |
| - web: https://www.openwall.com/lists/oss-security/2016/11/03/1 |