Search criteria
1 vulnerability by dajiaji
CVE-2025-64767 (GCVE-0-2025-64767)
Vulnerability from cvelistv5 – Published: 2025-11-21 18:47 – Updated: 2025-11-21 19:01
VLAI
Title
hpke-js reuses AEAD nonces
Summary
hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, the public SenderContext Seal() API has a race condition which allows for the same AEAD nonce to be re-used for multiple Seal() calls. This can lead to complete loss of Confidentiality and Integrity of the produced messages. This issue has been patched in version 1.7.5.
Severity
9.1 (Critical)
CWE
- CWE-323 - Reusing a Nonce, Key Pair in Encryption
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/dajiaji/hpke-js/security/advis… | x_refsource_CONFIRM |
| https://github.com/dajiaji/hpke-js/commit/94a767c… | x_refsource_MISC |
| https://github.com/dajiaji/hpke-js/blob/b7fd3592c… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64767",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T18:59:55.477261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T19:01:11.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "hpke-js",
"vendor": "dajiaji",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, the public SenderContext Seal() API has a race condition which allows for the same AEAD nonce to be re-used for multiple Seal() calls. This can lead to complete loss of Confidentiality and Integrity of the produced messages. This issue has been patched in version 1.7.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T18:47:19.930Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dajiaji/hpke-js/security/advisories/GHSA-73g8-5h73-26h4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dajiaji/hpke-js/security/advisories/GHSA-73g8-5h73-26h4"
},
{
"name": "https://github.com/dajiaji/hpke-js/commit/94a767c9b9f37ce48d5cd86f7017d8cacd294aaf",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dajiaji/hpke-js/commit/94a767c9b9f37ce48d5cd86f7017d8cacd294aaf"
},
{
"name": "https://github.com/dajiaji/hpke-js/blob/b7fd3592c7c08660c98289d67c6bb7f891af75c4/packages/core/src/senderContext.ts#L22-L34",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dajiaji/hpke-js/blob/b7fd3592c7c08660c98289d67c6bb7f891af75c4/packages/core/src/senderContext.ts#L22-L34"
}
],
"source": {
"advisory": "GHSA-73g8-5h73-26h4",
"discovery": "UNKNOWN"
},
"title": "hpke-js reuses AEAD nonces"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-64767",
"datePublished": "2025-11-21T18:47:19.930Z",
"dateReserved": "2025-11-10T22:29:34.877Z",
"dateUpdated": "2025-11-21T19:01:11.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}