CVE-2018-25099
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-25099
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-25099.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-25099
- Downstream
- Related
- Published
- 2024-03-18T05:15:06Z
- Modified
- 2025-10-15T09:36:55.100165Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the CryptX module before 0.062 for Perl, gcmdecryptverify() and chacha20poly1305decryptverify() do not verify the tag.
- References
Affected packages
Git / github.com/dcit/perl-cryptx
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dcit/perl-cryptx
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.018
v0.019
v0.020
v0.021
v0.022
v0.023
v0.024
v0.025
v0.026
v0.029
v0.030
v0.031
v0.032
v0.033
v0.034
v0.035
v0.036
v0.037
v0.038
v0.039
v0.040
v0.041
v0.042
v0.043
v0.044
v0.045
v0.046
v0.047
v0.048
v0.049
v0.050
v0.051
v0.052
v0.053
v0.054
v0.055
v0.056
v0.057
v0.058
v0.059
v0.060
v0.061