EUVD-2020-17721

Malware in sbrugna...

Noise-Java AESGCMOnCtrCipherState.encryptWithAd() Insufficient Boundary Checks Exploit

Noise-Java suffers from an issue located in the AESGCMOnCtrCipherState.encryptWithAd method defined in AESGCMOnCtrCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the encrypt or copy operation. However, some checks were...

CVE-2020-25023

An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd allows out-of-bounds access...

CVE-2020-25023

An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd allows out-of-bounds access...

Design/Logic Flaw

An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd allows out-of-bounds access...

CVE-2020-25023

Noise-Java contains an out-of-bounds access vulnerability in AESGCMOnCtrCipherState.encryptWithAd() (through 2020-08-27). The issue stems from incomplete/missing boundary checks, risking out-of-bounds reads/writes for large plaintext offsets, negative ciphertext offsets, or negative lengths. Docu...

CVE-2020-25023

An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd allows out-of-bounds access...

Noise-Java AESGCMOnCtrCipherState.encryptWithAd() Insufficient Boundary Checks

Vulnerability title: Noise-Java AESGCMOnCtrCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25023 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is currentl...