icon

We found results for “

WS-2020-0010

Good to know:

icon

Date: February 10, 2020

All versions of simple-crypto-js use AES-CBC with PKCS#7 padding, which is vulnerable to padding oracle attacks. This may allow attackers to break the encryption and access sensitive data.

Language: JS

Severity Score

Severity Score

Top Fix

icon

Upgrade Version

No fix version available

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privilegs Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us