{"id":"PYSEC-2023-213","details":"Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py","aliases":["CVE-2023-44690","GHSA-v9vj-9pxv-mr2w"],"modified":"2025-10-09T08:24:35.637633Z","published":"2023-10-19T22:15:00Z","references":[{"type":"REPORT","url":"https://github.com/dbcli/mycli/issues/1131"}],"affected":[{"package":{"name":"mycli","ecosystem":"PyPI","purl":"pkg:pypi/mycli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.0.0","1.0.0","1.0.1","1.1.1","1.10.0","1.11.0","1.12.0","1.12.1","1.13.0","1.13.1","1.14.0","1.15.0","1.16.0","1.17.0","1.18.0","1.18.1","1.18.2","1.19.0","1.2.0","1.20.0","1.20.1","1.21.0","1.21.1","1.22.0","1.22.1","1.22.2","1.23.0","1.23.1","1.23.2","1.24.0","1.24.1","1.24.2","1.24.3","1.24.4","1.25.0","1.26.0","1.26.1","1.27.0","1.3.0","1.4.0","1.5.0","1.5.1","1.5.2","1.6.0","1.7.0","1.7.1","1.8.0","1.8.1","1.9.0","1.27.1","1.27.2","1.28.0","1.29.1","1.29.2","1.30.0","1.31.1","1.31.2","1.32.0","1.33.0","1.34.0","1.34.1","1.34.2","1.34.3","1.34.4","1.35.0","1.36.0","1.37.0","1.37.1","1.38.0","1.38.1","1.38.2","1.38.3","1.38.4","1.39.0","1.39.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/mycli/PYSEC-2023-213.yaml"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}