Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-25099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag. CVE-2018-25099 Note that Nessus relies on...

9.8CVSS5.5AI score0.00489EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/03 4:52 p.m.5 views

CVE-2025-27498 AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

5.6CVSS6.5AI score0.00117EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/03 4:52 p.m.40 views

CVE-2025-27498 AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

5.6CVSS0.00117EPSS
Exploits0References2
OSV
OSV
added 2023/11/22 12:0 p.m.4 views

RUSTSEC-2023-0096 Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

4.7CVSS7AI score0.00262EPSS
Exploits1References3
RustSec
RustSec
added 2023/11/22 12:0 p.m.6 views

Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

5.5CVSS7.1AI score0.00262EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2023/09/22 4:11 p.m.29 views

AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

5.5CVSS7.2AI score0.00262EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/22 3:19 p.m.4 views

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

4.7CVSS5AI score0.00262EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/09/22 3:19 p.m.4 views

CVE-2023-42811

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

5.5CVSS7.2AI score0.00262EPSS
Exploits1
Rows per page
Query Builder