27 matches found
CVE-2020-25023
An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd allows out-of-bounds access...
CVE-2020-25022
An issue was discovered in Noise-Java through 2020-08-27. AESGCMFallbackCipherState.encryptWithAd allows out-of-bounds access...
CVE-2020-25022
Noise-Java (AESGCMFallbackCipherState.encryptWithAd) suffers an out-of-bounds access due to incomplete boundary checks in encryptWithAd(), as reported for 2020-08-27 and earlier. The issue can cause out-of-bounds read/write with large plaintextOffset or negative ciphertextOffset/length, with JVM ...
CVE-2020-25021
An issue was discovered in Noise-Java through 2020-08-27. ChaChaPolyCipherState.encryptWithAd allows out-of-bounds access...
CVE-2020-25021
CVE-2020-25021 affects Noise-Java: ChaChaPolyCipherState.encryptWithAd() contains incomplete/missing boundary checks, enabling out-of-bounds access. Descriptions across sources indicate potential out-of-bounds reads/writes when parameters like plaintextOffset, ciphertextOffset, or length are extr...
Noise-Java AESGCMOnCtrCipherState.encryptWithAd() Insufficient Boundary Checks
Vulnerability title: Noise-Java AESGCMOnCtrCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25023 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is currentl...
Noise-Java ChaChaPolyCipherState.encryptWithAd() Insufficient Boundary Checks
Vulnerability title: Noise-Java ChaChaPolyCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25021 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is currently...