VYPR

ssb-db

by ssbc

npm: ssb-db

Source repositories

CVEs (1)

  • CVE-2020-4045HigJun 11, 2020
    risk 0.42cvss 7.5epss 0.01

    SSB-DB version 20.0.0 has an information disclosure vulnerability. The get() method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of…