Vulnerability CVE-2022-44310
Published: 2023-02-24

Description:
In Development IL ecdh before 0.2.0, an attacker can send an invalid point (not on the curve) as the public key, and obtain the derived shared secret.

 References:
https://github.com/developmentil/ecdh/issues/3
Copyright 2026, cxsecurity.com

 

Back to Top