CVE-2016-9123

2017-03-2802:59:00

Debian Security Bug Tracker

security-tracker.debian.org

0.001 Low

EPSS

Percentile

46.7%

JSON

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures.

OSVersionArchitecturePackageVersionFilename
Debian12allgolang-gopkg-square-go-jose.v1< 1.0.5-1golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian11allgolang-gopkg-square-go-jose.v1< 1.0.5-1golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian10allgolang-gopkg-square-go-jose.v1< 1.0.5-1golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian999allgolang-gopkg-square-go-jose.v1< 1.0.5-1golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian13allgolang-gopkg-square-go-jose.v1< 1.0.5-1golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	golang-gopkg-square-go-jose.v1	< 1.0.5-1	golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian	11	all	golang-gopkg-square-go-jose.v1	< 1.0.5-1	golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian	10	all	golang-gopkg-square-go-jose.v1	< 1.0.5-1	golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian	999	all	golang-gopkg-square-go-jose.v1	< 1.0.5-1	golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb
Debian	13	all	golang-gopkg-square-go-jose.v1	< 1.0.5-1	golang-gopkg-square-go-jose.v1_1.0.5-1_all.deb

0.001 Low

EPSS

Percentile

46.7%

JSON

Related for DEBIANCVE:CVE-2016-9123