Thealtofwar

**Name of the Vulnerable Software and Affected Versions** aes-gcm versions prior to 0.4.3 **Description** The issue arises in the decrypt in place detached function, where the decrypted ciphertext is exposed even if the tag is incorrect. This occurs because the tag verification in the decrypt inplace function returns an error with the plaintext contents still in the buffer. **Recommendations** For versions prior to 0.4.3, update to version 0.4.3 to resolve the issue.