اتّبِع الروابط الواردة في الجداول للحصول على مزيد من المعلومات عن المشاكل الفردية المعروفة.
Java (باستثناء Android)
يستخدم Tink Java مزوّد أمان أساسي، مثل Conscrypt أو Oracle JDK أو OpenJDK أو Boungy Castle. قد يتم اكتساب أي مشكلة أمنية في المزود في
Tink Java.
ننصحك باستخدام Tink مع أحدث إصدار من المزوّد، خاصةً إذا كنت تستخدم ECDSA (البدائل: ED25519) أو AES-GCM (البدائل: AES-EAX أو
AES-CTR-HMAC-AEAD أو XChaCha20-Poly1305).
تاريخ التعديل الأخير: 2025-07-25 (حسب التوقيت العالمي المتفَّق عليه)
[null,null,["تاريخ التعديل الأخير: 2025-07-25 (حسب التوقيت العالمي المتفَّق عليه)"],[[["\u003cp\u003eThis page lists known security issues for Google's Tink cryptographic library, categorized by programming language and version.\u003c/p\u003e\n"],["\u003cp\u003eTink relies on underlying security providers (like Conscrypt, OpenSSL) and inherits any vulnerabilities present in them.\u003c/p\u003e\n"],["\u003cp\u003eSome known issues like "Envelope AEAD: Malleability" and "Fork Safety" affect all versions and languages of Tink.\u003c/p\u003e\n"],["\u003cp\u003eUsers are encouraged to utilize the latest versions of Tink and its underlying providers to mitigate potential risks.\u003c/p\u003e\n"],["\u003cp\u003eFor reporting issues or viewing recent reports, refer to the affected repository on GitHub.\u003c/p\u003e\n"]]],["Tink has known issues across its language versions (Java, Android, C++, Python, Go, Objective-C), often inheriting security issues from underlying libraries. Key concerns include \"Streaming AEAD: Integer overflow\" (versions 1.0.0-1.3.0), \"Envelope AEAD: Malleability\" (all versions), and \"Fork Safety\" (all versions). Android has an additional issue with AesGcm on API levels \u003c=19. C++ has \"JSON Parsing DoS\" (1.0.0-2.1.3) and \"Subtle AEAD\" (1.0.0-1.3.0). Reporting issues is done via the GitHub repository.\n"],null,["# Known issues\n\nThis page lists known issues in Tink, sorted by language version:\n\n- [Java (excluding Android)](#java_excluding_android)\n- [Android](#android)\n- [C++](#c)\n- [Python](#python)\n- [Go](#go)\n- [Objective-C](#objective-c)\n\nFollow the links in the tables for more information on individual known issues.\n| **Note:** To report an issue or view recent reports from other users, go to the affected repository on [GitHub](https://github.com/tink-crypto/).\n\nJava (excluding Android)\n------------------------\n\nTink Java uses an underlying security provider, like Conscrypt, Oracle JDK,\nOpenJDK, or Bouncy Castle. Any security issue in a provider may be inherited in\nTink Java.\n\nWe recommend using Tink with the latest version of the provider, especially if\nyou use ECDSA (alternative: ED25519) or AES-GCM (alternatives: AES-EAX,\nAES-CTR-HMAC-AEAD or XChaCha20-Poly1305).\n\n| Known Issue | Affected Versions |\n|--------------------------------------------------------------------------|-------------------|\n| [Streaming AEAD: Integer overflow](/tink/issues/streaming-aead-overflow) | 1.0.0 - 1.3.0 |\n| [Envelope AEAD: Malleability](/tink/issues/envelope-aead-malleability) | All |\n| [Fork Safety](/tink/issues/fork-safety) | All |\n\nAndroid\n-------\n\nThe minimum API level that Tink supports is 19 (Android KitKat).\n\nOn Android, Tink uses the Conscrypt provided by GMS core by default, and\nConscrypt otherwise. Any security issue in a provider may be inherited in Tink.\n\nWe recommend using Tink with the latest version of the provider.\n\n| Known Issue | Affected Tink Versions | Affected Android API levels |\n|--------------------------------------------------------------------------|------------------------|-----------------------------|\n| [Streaming AEAD: Integer overflow](/tink/issues/streaming-aead-overflow) | 1.0.0 - 1.3.0 | All |\n| [Envelope AEAD: Malleability](/tink/issues/envelope-aead-malleability) | All | All |\n| [Fork Safety](/tink/issues/fork-safety) | All | All |\n| [AesGcm](/tink/issues/aes_gcm_android_19) | All | \\\u003c= 19 |\n| Unsupported (see above) | All | \\\u003c= 18 |\n\nC++\n---\n\nTink C++ uses either BoringSSL or OpenSSL as an underlying library. Any security\nissue in the underlying library may be inherited in Tink C++.\n\n| Known Issue | Affected Versions |\n|---------------------------------------------------------------------------------------|-------------------|\n| [JSON Parsing DoS](/tink/issues/CVE-2024-4420) | 1.0.0 - 2.1.3 |\n| [Subtle AEAD: AES-CTR-HMAC and EncryptThenAuthenticate](/tink/issues/subtle-aead-cpp) | 1.0.0 - 1.3.0 |\n| [Envelope AEAD: Malleability](/tink/issues/envelope-aead-malleability) | All |\n| [Fork Safety](/tink/issues/fork-safety) | All |\n\nPython\n------\n\nTink Python is a wrapper around Tink C++ using pybind11. Any security issue in\nTink C++ may be inherited in Tink Python.\n\n| Known Issue | Affected Versions |\n|------------------------------------------------------------------------|-------------------|\n| [Envelope AEAD: Malleability](/tink/issues/envelope-aead-malleability) | All |\n| [Fork Safety](/tink/issues/fork-safety) | All |\n\nGo\n---\n\nTink Go uses the underlying Go crypto libraries. Any security issues in those\nlibraries may be inherited by Tink Go.\n\n| Known Issue | Affected Versions |\n|--------------------------------------------------------------------------|-------------------|\n| [Streaming AEAD: Integer overflow](/tink/issues/streaming-aead-overflow) | 1.0.0 - 1.3.0 |\n| [Envelope AEAD: Malleability](/tink/issues/envelope-aead-malleability) | All |\n| [Fork Safety](/tink/issues/fork-safety) | All |\n\nObjective-C\n-----------\n\nTink Objective-C is a wrapper around Tink C++. Any security issue in Tink C++\nmay be inherited in Tink Objective-C.\n\n| Known Issue | Affected Versions |\n|------------------------------------------------------------------------|-------------------|\n| [Envelope AEAD: Malleability](/tink/issues/envelope-aead-malleability) | All |\n| [Fork Safety](/tink/issues/fork-safety) | All |"]]
