Aes-Gcm · Aes-Gcm · CVE-2023-42811
**Name of the Vulnerable Software and Affected Versions**
aes-gcm versions 0.10.0 through 0.10.2
**Description**
The issue concerns the AES-GCM implementation of `decrypt_in_place_detached`, where the decrypted ciphertext is exposed even if tag verification fails. This can enable Chosen Ciphertext Attacks (CCAs), potentially causing a catastrophic breakage of the cipher, including full plaintext recovery.
**Recommendations**
For versions 0.10.0 through 0.10.2, update to version 0.10.3 or later to resolve the issue.
As a temporary workaround, consider restricting access to the `decrypt_in_place_detached` function until a patch is available.
Avoid using the `decrypt_in_place*` APIs in a way that accesses the buffer after decryption failure, as this may expose the decrypted ciphertext.
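The buffer-after-failure problem described above, as an added example that is not code from the aes-gcm crate: it contrasts decrypting before the tag check with checking first, plus a caller-side wrapper that wipes the buffer on error. The cipher, the tag function and every function name here are hypothetical toys built on the standard library only.

```rust
// Added illustration (std only). The XOR keystream and 1-byte "tag" are constructed
// toys standing in for AES-CTR and GHASH. They are not secure.
#[derive(Debug, PartialEq)]
pub struct TagMismatch;

fn apply_keystream(key: u8, buf: &mut [u8]) {
    for (i, b) in buf.iter_mut().enumerate() {
        *b ^= key.wrapping_mul(31).wrapping_add(i as u8);
    }
}

fn toy_tag(key: u8, ct: &[u8]) -> u8 {
    ct.iter().fold(key, |acc, b| acc.rotate_left(3) ^ b)
}

pub fn encrypt(key: u8, buf: &mut [u8]) -> u8 {
    apply_keystream(key, buf);
    toy_tag(key, buf)
}

// Ordering described in the advisory: the buffer is decrypted before the tag
// result is known, so on Err it already holds the decrypted bytes.
pub fn decrypt_then_verify(key: u8, buf: &mut [u8], tag: u8) -> Result<(), TagMismatch> {
    let expected = toy_tag(key, buf);
    apply_keystream(key, buf);
    if expected == tag { Ok(()) } else { Err(TagMismatch) }
}

// Safe ordering: authenticate the ciphertext, touch the buffer only on success.
pub fn verify_then_decrypt(key: u8, buf: &mut [u8], tag: u8) -> Result<(), TagMismatch> {
    if toy_tag(key, buf) != tag {
        return Err(TagMismatch);
    }
    apply_keystream(key, buf);
    Ok(())
}

// Caller-side guard around the unsafe ordering: wipe the buffer on failure.
pub fn decrypt_or_wipe(key: u8, buf: &mut [u8], tag: u8) -> Result<(), TagMismatch> {
    decrypt_then_verify(key, buf, tag).map_err(|e| { buf.fill(0); e })
}

fn main() {
    let mut buf = *b"constructed sample";
    let tag = encrypt(0x5a, &mut buf);
    buf[0] ^= 1; // simulate a tampered ciphertext
    let res = decrypt_then_verify(0x5a, &mut buf, tag);
    println!("{:?} buffer after failure: {:?}", res, String::from_utf8_lossy(&buf));
}
```

A real implementation compares tags in constant time; the plain `==` here is part of the toy.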