Vulnerability Database
Blog
FAQ
Docs
GO-2023-1294
See a problem?
Source
https://pkg.go.dev/vuln/GO-2023-1294
Import Source
https://vuln.go.dev/ID/GO-2023-1294.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2023-1294
Aliases
CVE-2014-125055
GHSA-r894-5r7v-7rx3
Published
2024-08-20T20:25:58Z
Modified
2024-08-20T20:58:47.371973Z
Summary
easy-scrypt Observable Timing Discrepancy vulnerability in github.com/agnivade/easy-scrypt
Details
easy-scrypt Observable Timing Discrepancy vulnerability in github.com/agnivade/easy-scrypt
References
https://github.com/advisories/GHSA-r894-5r7v-7rx3
https://nvd.nist.gov/vuln/detail/CVE-2014-125055
https://github.com/agnivade/easy-scrypt/commit/477c10cf3b144ddf96526aa09f5fdea613f21812
https://github.com/agnivade/easy-scrypt/releases/tag/v1.0.0
https://vuldb.com/?ctiid.217596
https://vuldb.com/?id.217596
Affected packages
Go
/
github.com/agnivade/easy-scrypt
Package
Name
github.com/agnivade/easy-scrypt
View open source insights on deps.dev
Purl
pkg:golang/github.com/agnivade/easy-scrypt
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.0.0
GO-2023-1294 - OSV