Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Noise-java ProjectNoise-java

3 matches found

CVE
CVEadded 2020/09/04 3:34 a.m.69 views

CVE-2020-25021

CVE-2020-25021 affects Noise-Java: ChaChaPolyCipherState.encryptWithAd() contains incomplete/missing boundary checks, enabling out-of-bounds access. Descriptions across sources indicate potential out-of-bounds reads/writes when parameters like plaintextOffset, ciphertextOffset, or length are extr...

9.8CVSS9.3AI score0.00633EPSS
CVE
CVEadded 2020/09/04 3:35 a.m.67 views

CVE-2020-25023

Noise-Java contains an out-of-bounds access vulnerability in AESGCMOnCtrCipherState.encryptWithAd() (through 2020-08-27). The issue stems from incomplete/missing boundary checks, risking out-of-bounds reads/writes for large plaintext offsets, negative ciphertext offsets, or negative lengths. Docu...

9.8CVSS9.4AI score0.00633EPSS
CVE
CVEadded 2020/09/04 3:34 a.m.66 views

CVE-2020-25022

Noise-Java (AESGCMFallbackCipherState.encryptWithAd) suffers an out-of-bounds access due to incomplete boundary checks in encryptWithAd(), as reported for 2020-08-27 and earlier. The issue can cause out-of-bounds read/write with large plaintextOffset or negative ciphertextOffset/length, with JVM ...

9.8CVSS9.4AI score0.00633EPSS