Peter Esbensen

**Name of the Vulnerable Software and Affected Versions** Tink versions prior to 1.5 **Description** A mis-handling of invalid unicode characters in the Java implementation of Tink allows an attacker to change the ID part of a ciphertext, resulting in the creation of a second ciphertext that can decrypt to the same plaintext. This issue compromises ciphertext integrity, particularly when encrypting with a deterministic AEAD using a single key and relying on a unique ciphertext-per-plaintext. No loss of confidentiality or plaintext integrity occurs due to this problem. **Recommendations** For Tink versions prior to 1.5, the issue was fixed in a specific pull request. As a workaround, consider backporting the fixing pull request until a newer version is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.