{"id":"GO-2022-1053","summary":"Incorrect signatures in github.com/supranational/blst","details":"Potential creation of an invalid signature from correct inputs.\n\nSome inputs to the blst_fp_eucl_inverse function can produce incorrect outputs. This could theoretically permit the creation of an invalid signature from correct inputs.","aliases":["GHSA-x279-68rr-jp4p"],"modified":"2024-05-20T16:03:47Z","published":"2022-10-18T15:13:24Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-1053","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-x279-68rr-jp4p"},{"type":"FIX","url":"https://github.com/supranational/blst/commit/dd980e7f81397895705c49fcb4f52e485bb45e21"}],"affected":[{"package":{"name":"github.com/supranational/blst","ecosystem":"Go","purl":"pkg:golang/github.com/supranational/blst"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.3.0"},{"fixed":"0.3.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/supranational/blst/bindings/go"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-1053.json"}}],"schema_version":"1.7.3"}