CVE-2021-3680

Published: Aug 4, 2021Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

showdoc is vulnerable to Missing Cryptographic Step

Affected (1)

Products: Showdoc: Showdoc

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Showdoc Showdoc	Up to 2.9.7

Related CWEs

Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (4)

https://github.com/star7th/showdoc/commit/4b962c1740311e0d46775023b6acba39ad60e370

Source: security@huntr.dev

PatchThird Party Advisory

https://huntr.dev/bounties/76b49607-fba9-4100-9be7-cb459fe6cfe2

Source: security@huntr.dev

ExploitThird Party Advisory

https://github.com/star7th/showdoc/commit/4b962c1740311e0d46775023b6acba39ad60e370

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://huntr.dev/bounties/76b49607-fba9-4100-9be7-cb459fe6cfe2

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.