CVE-2025-27498
Description
aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is exposed even if the tag is incorrect. This is because in decrypt_inplace in asconcore.rs, tag verification causes an error to be returned with the plaintext contents still in buffer. The vulnerability is fixed in 0.4.3.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-27498? +
How do I check if I'm vulnerable to CVE-2025-27498? +
Related Vulnerabilities
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed …
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on …
xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability …
xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability …
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the …
OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Startinf in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, …