Lucene search
K

62 matches found

OSV
OSV
added 2024/03/18 5:15 a.m.8 views

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

9.8CVSS9.5AI score
Exploits0References3
OSV
OSV
added 2024/03/18 5:15 a.m.6 views

UBUNTU-CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

9.8CVSS5.8AI score0.00489EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2024/03/18 5:15 a.m.20 views

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

9.8CVSS5.8AI score0.00489EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/03/18 12:0 a.m.10 views

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

7.2AI score0.00489EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/18 12:0 a.m.17 views

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

6.5AI score0.00489EPSS
Exploits0References3
CVE
CVE
added 2024/03/18 12:0 a.m.66 views

CVE-2018-25099

The CVE-2018-25099 issue affects the CryptX Perl module prior to 0.062, where gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() fail to verify the authentication tag. This can lead to input tampering without detection, as summarized in multiple advisories. Public mentions show remediatio...

9.8CVSS6.8AI score0.00489EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/03/18 12:0 a.m.12 views

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

9.8CVSS9.5AI score0.00489EPSS
Exploits0
OSV
OSV
added 2023/11/22 12:0 p.m.4 views

RUSTSEC-2023-0096 Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

4.7CVSS7AI score0.00262EPSS
Exploits1References3
RustSec
RustSec
added 2023/11/22 12:0 p.m.6 views

Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

5.5CVSS7.1AI score0.00262EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2023/09/22 4:11 p.m.30 views

AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

5.5CVSS7.2AI score0.00262EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/22 3:19 p.m.4 views

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

4.7CVSS5AI score0.00262EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/09/22 3:19 p.m.4 views

CVE-2023-42811

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

5.5CVSS7.2AI score0.00262EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2023/09/08 2:15 a.m.4 views

CVE-2023-40271

In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function...

7.5CVSS6AI score0.00323EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/03/15 12:0 a.m.9 views

PT-2023-20477 · Arm · Arm Aarch64Cryptolib

Name of the Vulnerable Software and Affected Versions: Arm AArch64cryptolib versions before 86065c6 Description: The issue concerns the armv8 dec aes gcm full API, which fails to verify the authentication tag of AES-GCM protected data. This failure is due to an improperly initialized variable,...

3.7CVSS7.4AI score0.00362EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/15 12:0 a.m.32 views

CVE-2023-26084

The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...

4.7AI score0.00362EPSS
Exploits0References1
Node.js
Node.js
added 2021/04/19 3:8 p.m.63 views

Observable timing discrepancy

Overview Overview Affected versions of jose are vulnerable to a Padding Oracle Attack due to Observable Timing Discrepancy. Impact AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

4.3CVSS5.6AI score0.01167EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/04/19 2:59 p.m.16 views

GHSA-4V4G-726H-XVFV Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime

Impact AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly observable difference in timing when padding error would occur while...

5.9CVSS6AI score0.01238EPSS
Exploits0References4
OSV
OSV
added 2021/04/19 2:58 p.m.33 views

GHSA-94HH-PJJG-RWMR Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime

Impact AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly observable difference in timing when padding error would occur while...

5.9CVSS6AI score0.01238EPSS
Exploits0References4
NVD
NVD
added 2021/04/16 10:15 p.m.48 views

CVE-2021-29446

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

5.9CVSS0.01238EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/04/16 10:0 p.m.18 views

CVE-2021-29446 Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

5.9CVSS6.4AI score0.01238EPSS
Exploits0References2
Rows per page
Query Builder