CVE-2019-20138
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium’s crypto_pwhash_str is not used.
Date published : 2019-12-30
https://github.com/FedericoCeratto/nim-httpauth/commit/15fd0686dc363075c08976ad897d6c92e1e6283c