Information Disclosure
october/october is vulnerable to Information Disclosure. Remote unauthenticated attackers are able to exfiltrate user private keys via non-authoritative gateway servers because the library does not validate gateway server signatures...