10 matches found
EUVD-2024-0999
Malicious code in bioql PyPI...
GO-2025-3917 NeuVector has an insecure password storage vulnerable to rainbow attack in github.com/neuvector/neuvector
NeuVector has an insecure password storage vulnerable to rainbow attack in github.com/neuvector/neuvector. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
Use of Password Hash With Insufficient Computational Effort
Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...
CVE-2024-29886
Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...
CVE-2024-29886
Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...
CVE-2024-29886 Improved security for stored password hashes
Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...
CVE-2024-29886
CVE-2024-29886 affects Serverpod; root cause is an outdated password hash algorithm vulnerable to rainbow attacks if the database is compromised. The issue is mitigated by upgrading to Serverpod 1.2.6, which switches to the Argon2id password hash algorithm for the email authentication module. Not...
CVE-2024-29886 Improved security for stored password hashes
Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...
CVE-2024-29886 Improved security for stored password hashes
Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...
PT-2024-23109
Name of the Vulnerable Software and Affected Versions Serverpod versions prior to 1.2.6 Description An issue was identified with the old password hash algorithm used by Serverpod, making it susceptible to rainbow attacks if the database was compromised. The vulnerability is addressed by switching...