CVE-2021-27211
HIGHsteghide 0.5.1 - Hidden Data Detection via Weak PRNG Seed
Title source: llmDescription
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data.
Exploits (1)
References (4)
Core 4
Core References
Release Notes, Third Party Advisory x_refsource_misc
https://sourceforge.net/projects/steghide/files/steghide/0.5.1/
Product x_refsource_misc
https://github.com/StefanoDeVuono/steghide
Product x_refsource_misc
https://github.com/b4shfire/stegcrack
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/165199/Steghide-Hidden-Data-Extraction.html
Scores
CVSS v3
7.5
EPSS
0.0064
EPSS Percentile
70.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-335
Status
published
Products (1)
steghide_project/steghide
0.5.1
Published
Feb 15, 2021
Tracked Since
Feb 18, 2026