VYPR

RubyGems package

aescrypt

pkg:gem/aescrypt

Vulnerabilities (1)

  • CVE-2013-7463HigApr 19, 2017
    affected <= 1.0.0

    The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack.