4 matches found
Vim < 9.2.0671 Out-of-Bounds Read (GHSA-c4j9-wr9j-4486)
The version of Vim installed on the remote host is prior to 9.2.0671. It is, therefore, affected by a vulnerability. - When Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium...
CVE-2026-57452
Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...
CVE-2025-11931
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...
In-band Protocol Negotiation And Robustness Weakness
aws-encryption-sdk suffers from an In-band protocol negotiation and robustness weakness. The SDK allows a unique ciphertext to be decrypted into different results due to the non-committing property of AES-GCM, and other AEAD ciphers such as AES-GCM-SIV, or XChaCha20Poly1305, when encrypting...