Filtered by vendor Aescrypt Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-7463 | 1 Aescrypt Project | 1 Aescrypt | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack. |