Lucene search
Veracode Vulnerability DatabaseVERACODE:45358HistoryFeb 06, 2024 - 6:49 a.m.
Authentication Bypass
2024-02-0606:49:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
vulnerability
authentication
bypass
size checks
cbc-hmac
integers
overflow
ciphertexts
software
github
github.com/square/go-jose is vulnerable to Authentication Bypass. The vulnerability is due to missing size checks resulting in CBC-HMAC integers overflowing on 32-bit architectures. This could lead to authentication bypass for CBC-HMAC encrypted ciphertexts.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/square/go-jose | le | v1.0.4 | |
| github.com/square/go-jose | le | v1.0.4 |
Related
osv
osv
CVE-2016-9123
2017-03-28 02:59:00
Integer overflow in github.com/square/go-jose
2021-04-14 20:04:52
Integer Overflow in go-jose
2021-06-23 17:14:12
ubuntucve
ubuntucve
CVE-2016-9123
2017-03-28 00:00:00
github
github
Integer Overflow in go-jose
2021-06-23 17:14:12
prion
prion
Integer overflow
2017-03-28 02:59:00
cve
cve
CVE-2016-9123
2017-03-28 02:59:00
debiancve
debiancve
CVE-2016-9123
2017-03-28 02:59:00
cvelist
cvelist
CVE-2016-9123
2017-03-28 02:46:00