← voltar
CVE-2014-9970

CVE-2014-9970

EPSS 2.4%
jasypt before 1.9.2 allows a timing attack against the password hash comparison.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/errata/RHSA-2017:2546https://access.redhat.com/errata/RHSA-2017:2547https://access.redhat.com/errata/RHSA-2017:2808https://access.redhat.com/errata/RHSA-2017:2809https://access.redhat.com/errata/RHSA-2017:2810https://access.redhat.com/errata/RHSA-2017:2811https://access.redhat.com/errata/RHSA-2017:3141https://access.redhat.com/errata/RHSA-2018:0294https://sourceforge.net/p/jasypt/code/668/http://www.securitytracker.com/id/1039744http://www.securitytracker.com/id/1040360