5 matches found
Jervis's Salt for PBKDF2 derived from password
Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL869-L870...
PT-2025-47978
Name of the Vulnerable Software and Affected Versions Inside Track / Entropy Derby versions prior to commit 2d38d2f Description The VDF-based timelock encryption system in Inside Track / Entropy Derby fails to enforce sequential delay against the betting operator. This allows bettors to pre-compu...
LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...
LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...
LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...