CVE-2022-29249

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions JavaEZ version 1.6

Description A weakness in JavaEZ allows force decryption of locked text by unauthorized actors. The issue may be critical in situations where the highest levels of security are required, but it is not critical for non-secure applications.

Recommendations For JavaEZ version 1.6, upgrade to release 1.7 to patch the vulnerability. Currently, there is no way to fix the issue without upgrading.

Exploit

Fix

Use of a Broken Cryptographic Algorithm

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327CWE-326CWE-328

Related Identifiers

CVE-2022-29249

GHSA-67FJ-6W6M-W5J8

Affected Products

Javaez

CVE-2022-29249

Weakness Enumeration

Related Identifiers

Affected Products

References · 9