cvedb.io
CVE-2023-24532
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2023-03-08T20:15:09.413 · Last modified 2026-06-17T05:39:28.600

Summary

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.

Affected products

golang — go

Does this affect you?

Add your gear to cvedb and we'll alert you only when golang ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.