24 matches found
OESA-2026-1723 rubygem-bcrypt security update
bcrypt is a sophisticated and secure hash algorithm designed by The OpenBSD project for hashing passwords. bcrypt-ruby provides a simple, humane wrapper for safely handling passwords. Security Fixes: bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version...
CVE-2026-33306
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
UBUNTU-CVE-2026-33306
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
bcrypt-ruby 输入验证错误漏洞
bcrypt-ruby is an open-source secure password hashing tool developed by bcrypt-ruby. Versions of bcrypt-ruby prior to 3.1.22 had a vulnerability related to input validation. This vulnerability stemmed from integer overflow in the JRuby implementation, which led to enhanced circular zero iteration...
bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
Impact An integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby BCrypt.java computes the key-strengthening round count as a...
GHSA-F27W-VCWJ-C954 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
Impact An integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby BCrypt.java computes the key-strengthening round count as a...
bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
Impact An integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby BCrypt.java computes the key-strengthening round count as a...
PT-2026-26246
Name of the Vulnerable Software and Affected Versions bcrypt-ruby versions prior to 3.1.22 Description The bcrypt-ruby gem, a Ruby binding for the OpenBSD bcrypt password hashing algorithm, contains a flaw in its Java BCrypt implementation for JRuby. Specifically, an integer overflow in the...
SUSE: Security Advisory (SUSE-SU-2025:20921-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Recommended update of flake-pilot
This update for flake-pilot fixes the following issues: Update version to 3.1.22. Fixes to use flakes as normal user Running a flake is a container based instance provisioning and startup. Some part of this process requires root permissions for example mounting the container instance store for th...
OPENSUSE-SU-2025:20013-1 Recommended update of flake-pilot
This update for flake-pilot fixes the following issues: Update version to 3.1.22. - Fixes to use flakes as normal user Running a flake is a container based instance provisioning and startup. Some part of this process requires root permissions for example mounting the container instance store for...
SUSE-SU-2025:20921-1 Recommended update of flake-pilot
This update for flake-pilot fixes the following issues: Update version to 3.1.22. - Fixes to use flakes as normal user Running a flake is a container based instance provisioning and startup. Some part of this process requires root permissions for example mounting the container instance store for...
WordPress FULL Customer Plugin <= 3.1.22 is vulnerable to Cross Site Scripting (XSS)
Software FULL Customer Type Plugin Vulnerable versions = 3.1.22 Fixed in 3.1.23 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9211 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 199342483259 Credits vgo0 Required...
Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 3.1.22-alt1
3.1.22-alt1 built Feb. 21, 2022 Vitaly Lipatov in task 295271 Feb. 12, 2022 Vitaly Lipatov - new version 3.1.22 with rpmgs script - CVE-2021-34485: .NET Core Information Disclosure Vulnerability - CVE-2021-26423: .NET Core Denial of Service Vulnerability...
ALEA-2022:0322 .NET Core 3.1 bugfix and enhancement update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.416 and Runtime 3.1.22 almalinux-8.5.0.z BZ2031429...
.NET Core 3.1 bugfix and enhancement update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.416 and Runtime 3.1.22 almalinux-8.5.0.z BZ2031429...