CVE-2023-48053

Name of the Vulnerable Software and Affected Versions Archery version 1.10.0

Description The issue is related to the use of a non-random or static Initialization Vector (IV) for Cipher Block Chaining (CBC) mode in Advanced Encryption Standard (AES) encryption. This can lead to the disclosure of information and communications.

Recommendations For Archery version 1.10.0, consider updating to a version that uses a random IV for CBC mode in AES encryption to prevent information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.