CVE-2021-42583

EPSS 0.15%

Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy

Published: 1/6/2022Modified: 8/21/2024

Also known as:GHSA-5r5w-h76p-m726GO-2022-0306

Description

A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.

Affected packages (2)

Go/github.com/foxcpp/maddyfrom 0, < 0.5.2
Go/github.com/foxcpp/maddyfrom 0, < 0.5.2

References (5)

ADVISORYhttps://github.com/advisories/GHSA-5r5w-h76p-m726
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-42583
PATCHhttps://github.com/foxcpp/maddy
WEBhttps://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e8e7894029553d653d0a5/internal/auth/shadow/verify.go
WEBhttps://github.com/foxcpp/maddy/releases/tag/v0.5.2