Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-28052

An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/bcg...
MISC: https://www.bouncycast...
MISC: https://www.synopsys.c...
MLIST: [druid-commits] 202101...
MLIST: [druid-commits] 202101...
MLIST: [kafka-jira] 20210107 ...
MLIST: [pulsar-commits] 20210...
MLIST: [druid-commits] 202101...
MLIST: [pulsar-commits] 20210...
MLIST: [solr-issues] 20210525...
MISC: https://www.oracle.com...
MISC: https://www.oracle.com...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021081...
MLIST: [karaf-issues] 2021082...
MLIST: [karaf-issues] 2021082...
MLIST: [karaf-issues] 2021082...
MISC: https://www.oracle.com...
MISC: https://www.oracle.com...
MISC: https://www.oracle.com...
MISC: https://www.oracle.com...

Launchpad.net

CVE 2020-28052

Related bugs

References