Vulnerabilities > Google > Tink > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-10-19 CVE-2020-8929 Unspecified vulnerability in Google Tink
A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second ciphertext that can decrypt to the same plaintext.
network
low complexity
google
5.3