Skip to content

Partial secret key disclosure, improper safety number calculation, & inadequate encryption strength

High
parabirb published GHSA-5jxh-6378-rg7v Mar 15, 2021

Package

wrongthink (wrongthink.me)

Affected versions

< 2.2.0

Patched versions

>= 2.2.0

Description

This advisory and the rest of the repository has been moved.

Severity

High
8.1
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CVE ID

CVE-2021-21387

Credits