On 32-bit platforms, an attacker can manipulate a ciphertext encrypted with AES-CBC with HMAC so that they control how large the input buffer is when the HMAC authentication tag is computed. This can allow a manipulated ciphertext to be verified as authentic, opening the door to padding oracle attacks.
CPE

Name | Operator | Version |
---|---|---|
github.com/square/go-jose | lt | 0.0.0-20160903044734-789a4c4bd4c1 |
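
The failure mode in the description above, as an added example that is not go-jose's own code. It assumes the HMAC input length is the sum of the AAD, IV and ciphertext lengths plus the 8-byte AAD length field (the RFC 7518 layout), held in a 32-bit int and modelled here with `int32`; the function names and sizes are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// ErrLengthOverflow reports lengths that cannot be summed in a 32-bit int.
var ErrLengthOverflow = errors.New("HMAC input length does not fit in 32-bit int")

// alLen is the 64-bit AAD bit-length field appended to the HMAC input (RFC 7518, 5.2.2.1).
const alLen = 8

// naiveTagInputLen (hypothetical) sums the field lengths the way `int` would on
// a 32-bit platform. Go integer addition wraps silently, so oversized inputs
// can produce a small or negative buffer size.
func naiveTagInputLen(aadLen, ivLen, ctLen int32) int32 {
	return aadLen + ivLen + ctLen + alLen
}

// checkedTagInputLen (hypothetical) does the sum in 64 bits and rejects
// anything that would not fit, so the MAC always covers every input byte.
func checkedTagInputLen(aadLen, ivLen, ctLen int32) (int32, error) {
	total := int64(alLen)
	for _, n := range []int32{aadLen, ivLen, ctLen} {
		if n < 0 {
			return 0, ErrLengthOverflow
		}
		total += int64(n)
	}
	if total > math.MaxInt32 {
		return 0, ErrLengthOverflow
	}
	return int32(total), nil
}

func main() {
	// Constructed sizes: a normal message, then lengths near the int32 limit.
	cases := [][3]int32{{13, 16, 32}, {math.MaxInt32, 16, math.MaxInt32}}
	for _, c := range cases {
		n, err := checkedTagInputLen(c[0], c[1], c[2])
		fmt.Printf("aad=%d iv=%d ct=%d naive=%d checked=%d err=%v\n",
			c[0], c[1], c[2], naiveTagInputLen(c[0], c[1], c[2]), n, err)
	}
}
```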