CVE-2019-20138
CVE-2019-20138 affects Nim’s HTTP Authentication library up to 2019-12-27. The root cause is failing to use libsodium’s default password-hash algorithm (crypto_pwhash_str), leading to weak password hashing. Impact is described as weak authentication security; CVSS notes show high severity (3.1) w...