
26 matches found

NVD
added 2026/06/24 12:16 a.m. · 8 views

CVE-2026-6458

Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...

5.1 CVSS · 0.00128 EPSS
Exploits 0 · References 1
Snyk
added 2026/04/10 5:6 a.m. · 2 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation due to improper validation of the AES-GCM authentication tag length in the wcPKCS7DecodeAuthEnvelopedData function. An attacker can bypass authentication by truncating the authentication tag, significantly...

8.7 CVSS · 5.8 AI score · 0.00355 EPSS
Exploits 0 · References 2
OSV
added 2026/04/10 4:17 a.m. · 3 views

UBUNTU-CVE-2026-5500

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7 CVSS · 5.8 AI score · 0.00355 EPSS
Exploits 0 · References 3
Anthropic
added 2026/03/29 8:42 p.m. · 14 views

ANT-2026-P23DVQM2 · wolfSSL · crypto-failure

crypto-failure high CVE-2026-5500 Severity Claude high · Security research firm high · Maintainer - Discovered by Claude Mythos Preview SECURITY RESEARCH FIRM ANALYSIS Triage and disclosure were performed by Calif. Verdict: true positive Severity: high TIMELINE Dates from discovery through public...

8.7 CVSS · 5.8 AI score · 0.00355 EPSS
Exploits 0
Snyk
added 2026/03/13 10:41 p.m. · 4 views

Improper Validation of Integrity Check Value

Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value due to missing validation of the AES-GCM authentication tag on encrypted XML nodes. An attacker can decrypt sensitive data and forge arbitrary ciphertexts by brute-forcing the authentication...

8.8 CVSS · 5.9 AI score · 0.00148 EPSS
Exploits 1 · References 2
Positive Technologies
added 2026/03/13 12:0 a.m. · 8 views

PT-2026-25375

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2 CVSS · 5.8 AI score · 0.00148 EPSS
Exploits 1 · References 9
Tenable Nessus
added 2026/01/20 12:0 a.m. · 7 views

MiracleLinux 9 : cjose-0.6.1-13.el9 (AXSA:2023-6285:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6285:01 advisory. cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE CVE-2023-37464 Tenable has extracted the preceding...

8.6 CVSS · 5.6 AI score · 0.006 EPSS
Exploits 1 · References 2
EUVD
added 2025/12/02 11:3 a.m. · 4 views

EUVD-2025-200219

In gokey versions 0.2.0, a flaw in the seed decryption logic resulted in passwords incorrectly being derived solely from the initial vector and the AES-GCM authentication tag of the key seed. This issue has been fixed in gokey version 0.2.0. This is a breaking change. The fix has invalidated any...

7.1 CVSS · 6.6 AI score · 0.00145 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2024/04/27 12:0 a.m. · 19 views

RHEL 7 : python-cryptography (RHSA-2018:3600)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and...

7.5 CVSS · 6.8 AI score · 0.02605 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2022/11/19 12:0 a.m. · 40 views

SUSE SLED15: python2-cryptography / python2-cryptography-vectors / etc (SUSE-SU-2022:4044-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4044-1 advisory. - Update in SLE-15 bsc1177083, jscPM-2730, jscSLE-18312 - Refresh patches for new version - Update in...

7.5 CVSS · 6.7 AI score · 0.02605 EPSS
Exploits 0 · References 7
OpenVAS
added 2021/04/19 12:0 a.m. · 14 views

SUSE: Security Advisory (SUSE-SU-2020:0790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.7 AI score · 0.02605 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2020/03/26 12:0 a.m. · 36 views

SUSE SLES12 Security Update : python-cffi, python-cryptography, python-xattr (SUSE-SU-2020:0790-1)

This update for python-cffi, python-cryptography and python-xattr fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...

7.5 CVSS · 7.2 AI score · 0.02605 EPSS
Exploits 0 · References 10
OSV
added 2020/03/25 2:14 p.m. · 5 views

SUSE-SU-2020:0792-1 Security update for python-cffi, python-cryptography

This update for python-cffi, python-cryptography fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: - fixed...

7.5 CVSS · 7.5 AI score · 0.02605 EPSS
Exploits 0 · References 9
Tenable Nessus
added 2019/03/27 12:0 a.m. · 22 views

openSUSE Security Update : python-cryptography (openSUSE-2019-857)

This update for python-cryptography fixes the following issues : - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. ...

7.5 CVSS · 6.6 AI score · 0.02605 EPSS
Exploits 0 · References 2
Veracode
added 2019/01/15 9:26 a.m. · 30 views

Information Disclosure

python-cryptography is vulnerable to a key leakage. A lack of input validation on the finalizewithtag API allows an attacker to forge a GCM tag by crafting an invalid payload with a shortened tag to bypass the MAC check in a 1 in 256 chance, resulting in a possible key leakage...

7.5 CVSS · 7.3 AI score · 0.02605 EPSS
Exploits 0 · References 5 · Affected Software 1
Tenable Nessus
added 2019/01/02 12:0 a.m. · 27 views

SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2018:3392-1)

This update for python-cryptography fixes the following issues : CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...

7.5 CVSS · 6.7 AI score · 0.02605 EPSS
Exploits 0 · References 4
Mageia
added 2018/11/03 11:55 a.m. · 37 views

Updated python-cryptography packages fix security vulnerability

The python-cryptography and python-cryptography-vectors packages have been updated to version 2.3.1 and fixes the following security issue: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker...

7.5 CVSS · 3 AI score · 0.02605 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2018/10/26 12:0 a.m. · 42 views

openSUSE Security Update : python-cryptography (openSUSE-2018-1281)

This update for python-cryptography fixes the following issues : - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. ...

7.5 CVSS · 6.6 AI score · 0.02605 EPSS
Exploits 0 · References 2
GitHub Security Blog
added 2018/07/31 6:28 p.m. · 33 views

PyCA Cryptography vulnerable to GCM tag forgery

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5 CVSS · 7.2 AI score · 0.02605 EPSS
Exploits 0 · References 8 · Affected Software 1
OSV
added 2018/07/30 4:29 p.m. · 31 views

PYSEC-2018-52

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5 CVSS · 2.6 AI score · 0.02605 EPSS
Exploits 0 · References 5