Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an integer overflow in the wcCmacUpdate function. An attacker can generate forged CMAC tags by exploiting the wraparound of the totalSz variable after processing 4 GiB of data, which causes the...