Maven package
org.opencastproject/opencast-common-jpa-impl
pkg:maven/org.opencastproject/opencast-common-jpa-impl
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-5229 | — | < 7.6 | 7.6 | Jan 30, 2020 | Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is probl |
- CVE-2020-5229Jan 30, 2020affected < 7.6fixed 7.6
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is probl