CVE-2021-42583
HIGHMaddy < 0.5.2 - Use of a Broken or Risky Cryptographic Algorithm
Title source: llmDescription
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e8e7894029553d653d0a5/internal/auth/shadow/verify.go
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/foxcpp/maddy/releases/tag/v0.5.2
Scores
CVSS v3
7.5
EPSS
0.0072
EPSS Percentile
49.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-327
Status
published
Products (2)
foxcpp/maddy
< 0.5.2
foxcpp/maddy
0 - 0.5.2Go
Published
Dec 28, 2021
Tracked Since
Feb 18, 2026