Vulnerabilities > Aescrypt Project

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-19	CVE-2013-7463	Use of Insufficiently Random Values vulnerability in Aescrypt Project Aescrypt 1.0.0 The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack. network low complexity aescrypt-project CWE-330	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Aescrypt Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Aescrypt Project"}]}

Vulnerabilities > Aescrypt Project