Fluid Attacks Database

Description

Elliptic Curve Key Disclosure in go-jose go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making it vulnerable to an invalid curve attack.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
go	gopkg.in/square/go-jose.v1	>=0 <1.0.4	1.0.4
go	github.com/square/go-jose	>=0 <1.0.4	1.0.4
debian 14	golang-gopkg-square-go-jose.v1	>=0 <1.0.5-1	1.0.5-1
debian 11	golang-gopkg-square-go-jose.v1	>=0 <1.0.5-1	1.0.5-1
debian 12	golang-gopkg-square-go-jose.v1	>=0 <1.0.5-1	1.0.5-1
debian 13	golang-gopkg-square-go-jose.v1	>=0 <1.0.5-1	1.0.5-1

Aliases

1. CVE-2016-91212. NVD-2016-91213. OSV-2016-91214. OSV-DEBIAN-2016-91215. GCVE-2016-91216. SECURITY-TRACKER-CVE-2016-9121

References

1. https://github.com/square/go-jose/commit/c7581939a3656bb65e89d64da0a52364a33d25072. https://hackerone.com/reports/1645903. https://pkg.go.dev/vuln/GO-2020-00104. https://www.openwall.com/lists/oss-security/2016/11/03/1