Описание
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | code not present |
| devel | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | not-affected | code not present |
| trusty/esm | not-affected | code not present |
| upstream | released | 2.1.0 |
| vivid/stable-phone-overlay | DNE |
Показывать по
7.5 High
CVSS3
Связанные уязвимости
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
bcrypt password hashing in Botan before 2.1.0 does not correctly handl ...
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
7.5 High
CVSS3