Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2021/08/03 9:20 a.m.2 views

php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

6.5CVSS7.4AI score0.02055EPSS
Exploits0References4
OSV
OSV
added 2020/10/02 3:15 p.m.2 views

DEBIAN-CVE-2020-7069

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

6.5CVSS6.9AI score0.02055EPSS
Exploits0References1
OSV
OSV
added 2020/10/02 3:15 p.m.3 views

UBUNTU-CVE-2020-7069

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

6.5CVSS6.7AI score0.02055EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2020/04/27 12:0 a.m.9 views

PT-2020-5865 · Php +9 · Php +9

Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x below 7.2.34 PHP versions 7.3.x below 7.3.23 PHP versions 7.4.x below 7.4.11 Description: The issue is related to the openssl encrypt function in PHP when used with AES-CCM mode and a 12-byte initialization vector IV. Only...

9.8CVSS6.7AI score0.9947EPSS
Exploits168References368
Rows per page
Query Builder