2 matches found
CVE-2017-11131
The CVE-2017-11131 issue affects heinekingmedia StashCat across Android (1.7.5), Web (0.0.80w), and Desktop (0.0.86). The root cause is hashing user passwords with SHA-512 without a salt or key-derivation function, and using only the first 32 bytes of the hash. This enables dictionary and rainbow...
CVE-2017-11131
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. For authentication, the user password is hashed directly with SHA-512 without a salt or another key-derivation mechanism to enable a secure secret for...