https://0g.vc/posts/insecure-cipher-gnuboard5/

https://huntr.dev/bounties/c8c2c3e1-67d0-4a11-a4d4-11af567a9ebb

OR
     *cpe:2.3:a:gnuboard:gnuboard5:*:*:*:*:*:*:*:* versions from (including) 5.5.5

OR
     *cpe:2.3:a:sir:gnuboard:*:*:*:*:*:*:*:* versions from (including) 5.5.5

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off. Or to send emails to any email address, with full control of its contents

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off. Or to send emails to any email address, with full control of its contents

huntr.dev AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

huntr.dev AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

huntr.dev CWE-327

huntr.dev CWE-359

CWE-359 / More specific CWE option available

NIST CWE-327

NIST CWE-326

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

NIST (AV:N/AC:L/Au:N/C:P/I:P/A:N)

NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)

NIST CWE-326

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off.

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off. Or to send emails to any email address, with full control of its contents

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)

OR
     *cpe:2.3:a:gnuboard:gnuboard5:*:*:*:*:*:*:*:* versions up to (including) 5.5.5

https://0g.vc/posts/insecure-cipher-gnuboard5/ No Types Assigned

https://0g.vc/posts/insecure-cipher-gnuboard5/ Exploit, Third Party Advisory

https://huntr.dev/bounties/c8c2c3e1-67d0-4a11-a4d4-11af567a9ebb No Types Assigned

https://huntr.dev/bounties/c8c2c3e1-67d0-4a11-a4d4-11af567a9ebb Exploit, Third Party Advisory

https://0g.vc/posts/insecure-cipher-gnuboard5/ [No Types Assigned]