Lucene search
GoogleOSV:GHSA-R5C2-RXH2-F5H2HistoryMay 14, 2022 - 3:44 a.m.
Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt
2022-05-1403:44:52
Google
osv.dev
12
0.004 Low
EPSS
Percentile
75.0%
jasypt before 1.9.2 allows a timing attack against the password hash comparison.
References
access.redhat.com/errata/RHSA-2017:2546
access.redhat.com/errata/RHSA-2017:2547
access.redhat.com/errata/RHSA-2017:2808
access.redhat.com/errata/RHSA-2017:2809
access.redhat.com/errata/RHSA-2017:2810
access.redhat.com/errata/RHSA-2017:2811
access.redhat.com/errata/RHSA-2017:3141
access.redhat.com/errata/RHSA-2018:0294
nvd.nist.gov/vuln/detail/CVE-2014-9970
sourceforge.net/p/jasypt/code/668
Related
redhatcve
redhatcve
CVE-2014-9970
2019-11-02 16:18:21
cve
cve
CVE-2014-9970
2017-05-21 18:29:00
nvd
nvd
CVE-2014-9970
2017-05-21 18:29:00
veracode
veracode
Timing Attack
2017-05-22 02:30:24
Timing Attack
2019-01-15 09:19:20
debiancve
debiancve
CVE-2014-9970
2017-05-21 18:29:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt
2022-05-14 03:44:52
ubuntucve
ubuntucve
CVE-2014-9970
2017-05-21 00:00:00
cvelist
cvelist
CVE-2014-9970
2017-05-21 18:00:00
prion
prion
Default credentials
2017-05-21 18:29:00
nessus
nessus
RHEL 7 : rhvm-appliance (RHSA-2017:3141)
2017-11-10 00:00:00
RHEL 6 : Red Hat JBoss Enterprise Application Platform (RHSA-2017:2809)
2017-09-28 00:00:00
RHEL 6 : rh-sso7-keycloak (RHSA-2017:2904)
2017-10-19 00:00:00
redhat
redhat
(RHSA-2017:2547) Important: Red Hat JBoss BRMS 6.4.5 security update
2017-08-29 19:32:06
(RHSA-2017:3141) Important: rhvm-appliance security, bug fix, and enhancement update
2017-11-07 17:03:46
(RHSA-2018:0294) Important: Red Hat JBoss Data Grid 7.1.2 security update
2018-02-12 17:18:53