VYPR

Go modules package

mellium.im/sasl

pkg:golang/mellium.im/sasl

Vulnerabilities (1)

  • CVE-2022-48195CriDec 31, 2022
    affected < 0.3.1fixed 0.3.1

    An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best c