Vulnerability Details CVE-2021-42583
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e8e7894029553d653d0a5/internal/auth/shadow/verify.go
- https://github.com/foxcpp/maddy/releases/tag/v0.5.2
- https://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e8e7894029553d653d0a5/internal/auth/shadow/verify.go
- https://github.com/foxcpp/maddy/releases/tag/v0.5.2