CVE-2024-21530

MEDIUM Year: 2024
CVSS v3 Score
4.5
Medium
Weakness Type
CWE-323
View all →

Vulnerability Description

Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate the same ciphertext by creating a new encrypted message with the same cocoon object. **Note:** The issue does NOT affect objects created with Cocoon::new which utilizes ThreadRng.

Related Vulnerabilities

CVE-2024-41951

MEDIUM
CVSS:4.4(Medium)

Pheonix App is a Python application designed to streamline various tasks, from managing files to playing mini-games. The issue is that the map of encoding/decoding languages are visible in code. The P...

CWE-3232024

CVE-2017-13078

MEDIUM
CVSS:5.3(Medium)

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points t...

CWE-3232017

CVE-2017-13079

MEDIUM
CVSS:5.3(Medium)

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range...

CWE-3232017

CVE-2017-13080

MEDIUM
CVSS:5.3(Medium)

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points ...

CWE-3232017

CVE-2017-13081

MEDIUM
CVSS:5.3(Medium)

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio rang...

CWE-3232017

CVE-2017-13088

MEDIUM
CVSS:5.3(Medium)

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response fram...

CWE-3232017