Filtered by vendor Dajiaji
Subscriptions
Filtered by product Hpke-js
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64767 | 1 Dajiaji | 1 Hpke-js | 2025-11-24 | 9.1 Critical |
| hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, the public SenderContext Seal() API has a race condition which allows for the same AEAD nonce to be re-used for multiple Seal() calls. This can lead to complete loss of Confidentiality and Integrity of the produced messages. This issue has been patched in version 1.7.5. | ||||
Page 1 of 1.