Polivar3

**Name of the Vulnerable Software and Affected Versions** ReadyTalk Avian versions 1.2.0 through 1.2.0 before 2020-10-27 **Description** An issue was discovered in the FileOutputStream.write() method in FileOutputStream.java, where an integer overflow leads to bypassing the boundary check and achieving out-of-bounds access. This issue affects products that are no longer supported by the maintainer. **Recommendations** For ReadyTalk Avian version 1.2.0, consider disabling the `FileOutputStream.write()` method until a patch is available, as the product is no longer supported by the maintainer. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Noise-Java versions prior to 2020-08-27 **Description** An issue was discovered that allows out-of-bounds access through the ChaChaPolyCipherState.encryptWithAd() function. **Recommendations** For Noise-Java versions prior to 2020-08-27, consider restricting access to the ChaChaPolyCipherState.encryptWithAd() function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Noise-Java versions prior to 2020-08-27 **Description** An issue was discovered that allows out-of-bounds access through the `encryptWithAd()` function in `AESGCMFallbackCipherState`. **Recommendations** For Noise-Java versions prior to 2020-08-27, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Noise-Java versions prior to 2020-08-27 **Description** An issue was discovered that allows out-of-bounds access through the `encryptWithAd()` function in `AESGCMOnCtrCipherState`. **Recommendations** For versions prior to 2020-08-27, at the moment, there is no information about a newer version that contains a fix for this issue.