CryptoJS could be made to expose sensitive information.
Software Description:
- cryptojs: collection of cryptographic algorithms implemented in JavaScript
Details:
Thomas Neil James Shadwell discovered that CryptoJS was using an insecure
cryptographic default configuration. A remote attacker could possibly use
this issue to expose sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS (Available with Ubuntu Pro): libjs-cryptojs 3.1.2+dfsg-3ubuntu0.22.04.1~esm1 Ubuntu 20.04 LTS: libjs-cryptojs 3.1.2+dfsg-2ubuntu0.20.04.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): libjs-cryptojs 3.1.2+dfsg-2ubuntu0.18.04.1~esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): libjs-cryptojs 3.1.2+dfsg-2ubuntu0.16.04.1~esm1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6753-1
CVE-2023-46233
Get the latest Linux and open source security news straight to your inbox.