Launchpad.net

CVE 2016-4711

CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output.

See the CVE page on Mitre.org for more details.