VYPR
Get started
← All advisories
Critical severity9.8NVD Advisory· Published Mar 18, 2024· Updated Apr 15, 2026

CVE-2018-25099

CVE-2018-25099

Description

In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.

Patches

2
681ea01e6477
https://github.com/DCIT/perl-CryptXvia osv
62cd87342eae
https://github.com/libtom/libtomcryptvia osv
PR #451

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.