4 matches found
Insecure Randomness
Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Insecure Randomness
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Sensitive Information Disclosure
netty-incubator-codec-ohttp is vulnerable to Sensitive Information Disclosure. The vulnerability due to an error in the BoringSSLAEADContext which results the encryption nonce overflowing. An attacker can manipulate the nonce repetition by causing the sequence number to overflow, which decreases...
Sequential calls of encryption API (`encrypt`, `wrap`, and `dump`) result in nonce reuse
Problem: Trying to create a new encrypted message with the same cocoon object generates the same ciphertext. It mostly affects MiniCocoon and Cocoon objects with custom seeds and RNGs where StdRng is used under the hood. Note: The issue does NOT affect objects created with Cocoon::new which...