Google Tink 安全漏洞

Google Tink is a multi-language, cross-platform development library providing cryptographic APIs from Google, Inc. A security vulnerability exists in Google Tink versions prior to 2.1.3, which stems from a crypto tink JsonKeysetReader may crash due to invalid input...

Google Tink Data Forgery Issue Vulnerability

Tink is the United States Google Google a multi-language cross-platform to provide encryption API of a development library. A security vulnerability exists in versions of Tink prior to 1.5, which stems from incorrect handling of invalid unicode characters and can be exploited by an attacker to...

ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +754 more potentially affected by CVE-2020-8929 via com.google.crypto.tink:tink (>=1.0.0 <=1.4.0)

com.google.crypto.tink:tink MAVEN version =1.0.0, =1.1.0, =1.1.0, =1.3.0-alpha07, =1.3.0-alpha07, =2.4.0, =2.4.0, =2.3.1, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.0, =0.1.3-20200811-2e41939 and more Source cves: CVE-2020-8929 Source advisory: OSV:GHSA-G5VF-V6WF-7W2R...