2 matches found
CVE-2014-9016
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...
Cross site request forgery (csrf)
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...