go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2017-03-28T02:46:00
Updated: 2024-08-06T02:42:10.771Z
Reserved: 2016-10-31T00:00:00
Link: CVE-2016-9123
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-03-28T02:59:00.293
Modified: 2017-03-29T17:05:40.620
Link: CVE-2016-9123
Redhat
No data.