Chacha20Poly1305 key-encryption algorithm discards the Poly1305 authentication tag, performing no authentication on decryption

Impact The experimental Chacha20Poly1305 key-encryption algorithm generates the 16-byte Poly1305 authentication tag during encryptKey but discards it: the tag is never written to the header and therefore never reaches the wire. On the receiving side, decryptKey calls...

libcrux-aead (>=0.0.4 <=0.0.8-rc.2) potentially affected by unknown CVE via libcrux-chacha20poly1305 (>=0.0.4 <=0.0.8-rc.2)

libcrux-chacha20poly1305 CARGO version =0.0.4, =0.0.4, =0.0.8-rc.2 Source cves: unknown CVE Source advisory: OSV:GHSA-HC3C-63HC-2R9F...

libcrux-aead (>=0.0.4 <=0.0.8-rc.2) potentially affected by unknown CVE via libcrux-chacha20poly1305 (>=0.0.4 <=0.0.8-rc.2)

libcrux-chacha20poly1305 CARGO version =0.0.4, =0.0.4, =0.0.8-rc.2 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0124...

SUSE CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

DEBIAN-CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

LibTomCrypt Security Vulnerability

LibTomCrypt is a modular portable cryptographic tool that focuses on block ciphers, one-way hash functions, linking patterns and pseudo-random number generators for developers. A security vulnerability exists in LibTomCrypt versions prior to 0.062, which stems from a security flaw in the function...

LibTomCrypt Security Vulnerability

LibTomCrypt is a modular portable cryptographic tool that focuses on block ciphers, one-way hash functions, linking patterns and pseudo-random number generators for developers. A security vulnerability exists in LibTomCrypt versions prior to 0.062, which stems from a security flaw in the function...

GO-2022-0968 Panic on malformed packets in golang.org/x/crypto/ssh

Unauthenticated clients can cause a panic in SSH servers. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic...

x/crypto/ssh vulnerable to panic via malformed packets

The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic...

GHSA-GWC9-M7RH-J2WW x/crypto/ssh vulnerable to panic via malformed packets

The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic...

Cypher - Crypto Cipher Encode Decode Hash

All in one tools for CRYPTOLOGY. Instagram: Capture the Root Screenshots !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzEISVu6IIqjydF1vTUDcdbKWD8Vdi1BM5fQfCGuAnFRSCrZIh04d17YDeNKsRw0CRJD8cQmlIloLRldnU-Rounz7YQAvc7MOENa22PJkMajWGZvAelxpm3EoWCFL0BCnfBRMV4Ly99Y/w640-h36...

aesni (>=0.7.0 <=0.9.0), aries-askar (=0.1.2) +28 more potentially affected by unknown CVE via stream-cipher (>=0.4.1 <=0.7.1)

stream-cipher CARGO version =0.4.1, =0.7.0, =0.1.1, =0.1.1, =0.1.0, =0.4.0, =0.5.0, =0.2.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0-pre.1, =0.1.0, =0.3.1, =0.3.9 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0058...

ChaCha20 counter overflow can expose repetitions in the keystream

The ChaCha20 stream cipher can produce a maximum of 2^32 blocks 256GB before the 32-bit counter overflows. Releases of the chacha20 crate prior to v0.2.3 allow generating keystreams larger than this, including seeking past the limit. When this occurs, the keystream is duplicated, with failure mod...

RUSTSEC-2019-0029 ChaCha20 counter overflow can expose repetitions in the keystream

The ChaCha20 stream cipher can produce a maximum of 2^32 blocks 256GB before the 32-bit counter overflows. Releases of the chacha20 crate prior to v0.2.3 allow generating keystreams larger than this, including seeking past the limit. When this occurs, the keystream is duplicated, with failure mod...

openldap security, bug fix, and enhancement update

2.4.44-5 - fix CVE-2017-9287 openldap: Double free vulnerability in servers/slapd/back-mdb/search.c 1458210 2.4.44-4 - NSS: Include some CHACHA20POLY1305 ciphers 1432907 2.4.44-3 - NSS: re-register NSSShutdown callback 1405354 2.4.44-2 - Include MDB tools in openldap-servers 1428740 2.4.44-1 -...