3 matches found
CVE-2020-25022
An issue was discovered in Noise-Java through 2020-08-27. AESGCMFallbackCipherState.encryptWithAd allows out-of-bounds access...
Noise-Java AESGCMFallbackCipherState.encryptWithAd() Insufficient Boundary Checks Exploit
Noise-Java suffers from an issue located in the AESGCMFallbackCipherState.encryptWithAd method defined in AESGCMFallbackCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the encrypt or copy operation. However, some checks...
CVE-2020-25022
Noise-Java (AESGCMFallbackCipherState.encryptWithAd) suffers an out-of-bounds access due to incomplete boundary checks in encryptWithAd(), as reported for 2020-08-27 and earlier. The issue can cause out-of-bounds read/write with large plaintextOffset or negative ciphertextOffset/length, with JVM ...