PYSEC-2021-385

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/enrocrypt/PYSEC-2021-385.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2021-385

Aliases

Published

2021-11-08T15:15:00Z

Modified

2023-11-01T04:56:04.904200Z

Summary

[none]

Details

EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of the product. As a workaround, users can remove the MD5 hashing function from the file hashing.py.

References

Affected packages

PyPI / enrocrypt

Package

Name: enrocrypt; View open source insights on deps.dev
Purl: pkg:pypi/enrocrypt

Affected ranges

Type: GIT
Repo: https://github.com/Morgan-Phoenix/EnroCrypt
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e652d56ac60eadfc26489ab83927af13a9b9d8ce

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.4

Affected versions

1.*

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.1.0

1.1.1

1.1.2

1.1.3