CVE-2016-7798

CVE-2016-7798

The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.

Source: CVE-2016-7798

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다