Posted by Pietro Oliva via Fulldisclosure on Sep 04
Vulnerability title: Noise-Java AESGCMFallbackCipherState.encryptWithAd() insufficient boundary checks
Author: Pietro Oliva
Vendor: Rhys Weatherley (Creator of Noise Framework’s reference implementation in Java)
Affected version: No version information is currently available.
Fixed version: Check latest commit and pull request
The issue is located in the…
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.