Vulnerability Details CVE-2021-42583
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e8e7894029553d653d0a5/internal/auth/shadow/verify.go
- https://github.com/foxcpp/maddy/releases/tag/v0.5.2
- https://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e8e7894029553d653d0a5/internal/auth/shadow/verify.go
- https://github.com/foxcpp/maddy/releases/tag/v0.5.2