GHSA-p539-q9q2-vqr2HighCVSS 7.5

Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a...

Published
June 3, 2026
Last Modified
June 4, 2026

🔗 CVE IDs covered (1)

📋 Description

Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching.

🔗 References (3)