{"id":"GO-2021-0319","summary":"Incorrect computation for some invalid field elements in crypto/elliptic","details":"Some big.Int values that are not valid field elements (negative or overflowing) might cause Curve.IsOnCurve to incorrectly return true. Operating on those values may cause a panic or an invalid curve operation. Note that Unmarshal will never return such values.","aliases":["BIT-golang-2022-23806","CVE-2022-23806"],"modified":"2026-03-17T04:09:40.733482Z","published":"2022-05-23T22:15:21Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2021-0319"},"references":[{"type":"FIX","url":"https://go.dev/cl/382455"},{"type":"FIX","url":"https://go.googlesource.com/go/+/7f9494c277a471f6f47f4af3036285c0b1419816"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"},{"type":"REPORT","url":"https://go.dev/issue/50974"}],"affected":[{"package":{"name":"stdlib","ecosystem":"Go","purl":"pkg:golang/stdlib"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.16.14"},{"introduced":"1.17.0-0"},{"fixed":"1.17.7"}]}],"ecosystem_specific":{"imports":[{"path":"crypto/elliptic","symbols":["CurveParams.IsOnCurve","p384PointFromAffine","p521PointFromAffine"]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2021-0319.json"}}],"schema_version":"1.7.5","credits":[{"name":"Guido Vranken"}]}