Maven package
org.jasypt/jasypt
pkg:maven/org.jasypt/jasypt
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-9970 | Hig | 7.5 | < 1.9.2 | 1.9.2 | May 21, 2017 | jasypt before 1.9.2 allows a timing attack against the password hash comparison. |
- affected < 1.9.2fixed 1.9.2
jasypt before 1.9.2 allows a timing attack against the password hash comparison.