Golang crypto/elliptic Denial-of-Service Vulnerability

description-logoDescription

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.

affected-products-logoAffected Applications

Go Programming Language

CVE References

CVE-2022-28327