CVE-2024-24553

Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure function...

CVE-2024-24553

CVE-2024-24553 relates to Bludit, where password hashes are computed with SHA-1 and the salt is generated by a non-cryptographically secure function. Attackers could brute-force SHA-1 to recover plaintext passwords, per the description in multiple sources. The connected documents consistently des...

CVE-2022-23472

Passeo (open source Python password generator) before v1.0.5 uses the Python random module for value generation, which is non-cryptographically secure. This may allow a motivated attacker to guess generated passwords. The issue is addressed in v1.0.5; upgrade to that version. No public workaround...

Passeo 安全特征问题漏洞

Passeo is a Python password generator by the individual developer Arjun Sharda. A security signature issue vulnerability exists in versions of Passeo prior to 1.0.5 that stems from a reliance on the python random library for random value selection, which relies on a non-cryptographically secure...