Jump to:

CVE-2013-7469

Jump to:

CVE-2013-7469

Package seafile updated to version 7.0.6-alt1 for branch p9 in task 249087.

Published: 2019-02-21
Modified: 2024-11-21

CVE-2013-7469

Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

https://drive.google.com/file/d/1rwYsnuhZZxmSR6Zs8rJlWW3R27XBOSJU/view
https://drive.google.com/file/d/1rwYsnuhZZxmSR6Zs8rJlWW3R27XBOSJU/view
https://github.com/haiwen/seafile/issues/350
https://github.com/haiwen/seafile/issues/350

Version: 2.1.0

Package seafile update in p9 on 2020-04-08

ALT-PU-2020-1684-1

Closed vulnerabilities

CVE-2013-7469