CVE-2018-10903: GCM tag forgery via truncated tag in finalize_with_tag API
(updated )
The finalize_with_tag
API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag
, an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 chance of passing the MAC check. GCM tag forgeries can cause key leakage.
References
Detect and mitigate CVE-2018-10903 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →