17 matches found
Use of a Broken or Risky Cryptographic Algorithm
Overview: org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm which may arise due to improper preservation of the configured cipher preference order. An attacker who can...
CVE-2025-55039
This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure default network encryption cipher for RPC communication between nodes. When spark.network.crypto.enabled is set to true (it is set to false by default), but...
Apache Spark has Inadequate Encryption Strength
This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure default network encryption cipher for RPC communication between nodes. When spark.network.crypto.enabled is set to true (it is set to false by default), but...
GO-2023-1804 Kyverno vulnerable due to usage of insecure cipher in github.com/kyverno/kyverno
Kyverno vulnerable due to usage of insecure cipher in github.com/kyverno/kyverno...
GHSA-HGV6-W7R3-W4QW Kyverno vulnerable due to usage of insecure cipher
Summary: Insecure 3DES ciphers are used which may lead to exploitation of the Sweet32 vulnerability. Specifically, the ciphers TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) and TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) are allowed. See CVE-2016-2183. This is fixed in Kyverno v1.9.5 and v1.10.0 and no known users...
Kyverno vulnerable due to usage of insecure cipher
Summary: Insecure 3DES ciphers are used which may lead to exploitation of the Sweet32 vulnerability. Specifically, the ciphers TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) and TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) are allowed. See CVE-2016-2183. This is fixed in Kyverno v1.9.5 and v1.10.0 and no known users...
CVE-2023-2443
Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API...
SUSE CVE-2012-4571
Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack...
curl: CVE-2021-22897: schannel cipher selection surprise
Summary: Commit "schannel: support selecting ciphers" added support for selecting the ciphers with SCHANNEL. However, due to use of a static algIds array for ciphers in set_ssl_ciphers the last configured cipher list will override configuration used by other connections, leading to potential wrong...
CVE-2021-25763
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default...
Google Android Qualcomm Component Unauthorized Operation Vulnerability (CNVD-2017-26831)
Android is a Linux-based open-source operating system developed by Google and the Open Handheld Alliance OHA, and Qualcomm closed-source components are among the closed-source components developed by Qualcomm. A security vulnerability exists in the Qualcomm closed-source component in Android, whi...
Insecure Cipher
github.com/go-macaron/macaron uses an insecure cipher for AES keys. The library uses MD5 to create AES keys which is considered insecure since MD5 is vulnerable to rainbow table attacks...
Insecure Default Cipher
github.com/kubernetes/kubernetes uses an insecure cipher as its default. It defaults to TLS 1.0 which is vulnerable to the POODLE attack...
Insecure Cipher
requests uses an insecure cipher. The library uses the SHA1 hashing algorithm by default which was shown to be compromised with the SHA1 shatter attack. The library also does not offer any alternate hashing algorithm...
PYSEC-2012-8
Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack...
PYSEC-2012-8
Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack...
Fixed in Apache Tomcat 5.5.17, 5.0.SVN
Important: Information disclosure CVE-2007-1858 The default SSL configuration permitted the use of insecure cipher suites including the anonymous cipher suite. The default configuration no longer permits the use of insecure cipher suites. Affects: 5.0.0-5.0.30, 5.5.0-5.5.16...