2 matches found
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication in the AesCbcHmacSha2Decryptor.doFinal function, which effectively skips authentication by comparing the computed authentication tag with itself rather than with the received tag, for A128CBC-HS256, A192CBC-HS384...
Extraneous SSH Public Keys added to Authorized Keys file on Linux VM
None None...