Vulnerabilities > CVE-2021-4286 - Information Exposure Through Discrepancy vulnerability in Pysrp Project Pysrp

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

pysrp-project

CWE-203

NVD

Published: 2022-12-27

Updated: 2024-05-17

Summary

A vulnerability, which was classified as problematic, has been found in cocagne pysrp up to 1.0.16. This issue affects the function calculate_x of the file srp/_ctsrp.py. The manipulation leads to information exposure through discrepancy. Upgrading to version 1.0.17 is able to address this issue. The name of the patch is dba52642f5e95d3da7af1780561213ee6053195f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216875.

Vulnerable Configurations

Part	Description	Count
Application	Pysrp_Project Pysrp Project Pysrp - Pysrp Project Pysrp 1.0.4 Pysrp Project Pysrp 1.0.8 Pysrp Project Pysrp 1.0.9 Pysrp Project Pysrp 1.0.10 Pysrp Project Pysrp 1.0.11 Pysrp Project Pysrp 1.0.12 Pysrp Project Pysrp 1.0.13 Pysrp Project Pysrp 1.0.14 Pysrp Project Pysrp 1.0.16	10

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References