Cryptx · Cryptx · CVE-2018-25099
**Name of the Vulnerable Software and Affected Versions**
CryptX versions prior to 0.062
**Description**
The issue concerns the CryptX module for Perl, where the functions `gcm decrypt verify()` and `chacha20poly1305 decrypt verify()` do not verify the tag, potentially leading to security issues.
**Recommendations**
For versions prior to 0.062, update to version 0.062 or later to resolve the issue. As a temporary workaround, consider disabling the use of `gcm decrypt verify()` and `chacha20poly1305 decrypt verify()` functions until a patch is available. Restrict access to the CryptX module to minimize the risk of exploitation.