Описание
The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2 (включая)
cpe:2.3:a:albinoloverats:anubis_plugin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00325
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
почти 4 года назад
The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file.
EPSS
Процентиль: 55%
0.00325
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-310