{"id":"CVE-2021-41096","details":"Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm (RSA/ECB/PKCS1Padding). The issue will be patched in v2.3 for release builds and 426 onwards for nightly builds. As a workaround, one may disable an advance security feature if not required.","modified":"2026-04-11T18:45:31.036688Z","published":"2021-09-27T20:15:07.337Z","related":["GHSA-32m7-456v-wgfw"],"references":[{"type":"ADVISORY","url":"https://github.com/mayankmetha/Rucky/security/advisories/GHSA-32m7-456v-wgfw"},{"type":"FIX","url":"https://github.com/mayankmetha/Rucky/commit/5e3a477365009f488a73efd26a91168502de1b93"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mayankmetha/rucky","events":[{"introduced":"0"},{"last_affected":"48fe028f3ea4b3e7544f03bce21ed6c93320abd4"},{"fixed":"5e3a477365009f488a73efd26a91168502de1b93"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.2"}]}}],"versions":["1.0","1.1","1.2","1.3","1.4","1.5","1.6","1.7","1.8","1.9","2.0","2.1","2.2"],"database_specific":{"vanir_signatures_modified":"2026-04-11T18:45:31Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41096.json","vanir_signatures":[{"deprecated":false,"signature_type":"Line","source":"https://github.com/mayankmetha/rucky/commit/5e3a477365009f488a73efd26a91168502de1b93","target":{"file":"app/src/main/java/com/mayank/rucky/activity/ConfigActivity.java"},"digest":{"line_hashes":["36139303741177313712045485323918694941","330896420744429202929028829877052246207","303351355776508932431768391220078207731","246641387394025854117350498103808224585","104573523005990588202974897827605002984"],"threshold":0.9},"signature_version":"v1","id":"CVE-2021-41096-4d784908"},{"deprecated":false,"signature_type":"Function","source":"https://github.com/mayankmetha/rucky/commit/5e3a477365009f488a73efd26a91168502de1b93","target":{"function":"updateStatus","file":"app/src/main/java/com/mayank/rucky/activity/ConfigActivity.java"},"digest":{"function_hash":"197244104767391408009134254427680386101","length":1106},"signature_version":"v1","id":"CVE-2021-41096-6f36a9cd"},{"deprecated":false,"signature_type":"Line","source":"https://github.com/mayankmetha/rucky/commit/5e3a477365009f488a73efd26a91168502de1b93","target":{"file":"app/src/main/java/com/mayank/rucky/utils/Randoms.java"},"digest":{"line_hashes":["336401844564868207412137317502660699653","244681312511404319471135565964128796452","172958805059072648498455729820626846900","232294838118719937317370879063460203103","19127615541084363029077055259622291019","62779345299265859850019787110583385787","210539749145132758329303634167652734366"],"threshold":0.9},"signature_version":"v1","id":"CVE-2021-41096-91d5df12"},{"deprecated":false,"signature_type":"Line","source":"https://github.com/mayankmetha/rucky/commit/5e3a477365009f488a73efd26a91168502de1b93","target":{"file":"app/src/main/java/com/mayank/rucky/utils/Constants.java"},"digest":{"line_hashes":["30850179477233262800974720103266693413","298133565078009718254250703856915508661","74181897181156011816469431023642884277","336487501109454052064246782028766785150","301742228892140317140296651444043136282","146113648087197939516077373026751690805","260044984883403456929619744457038640292"],"threshold":0.9},"signature_version":"v1","id":"CVE-2021-41096-b1cb665b"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}