Openbsd · Openbsd Bcrypt · CVE-2026-33306
**Name of the Vulnerable Software and Affected Versions**
bcrypt-ruby versions prior to 3.1.22
**Description**
The bcrypt-ruby gem, a Ruby binding for the OpenBSD bcrypt() password hashing algorithm, contains a flaw in its Java BCrypt implementation for JRuby. Specifically, an integer overflow in the `BCrypt.java` file occurs when the `cost` parameter is set to 31. This overflow results in zero iterations during the key-strengthening loop, effectively reducing the bcrypt process to constant-time computation. The resulting hash appears valid and can be verified using `checkpw`, concealing the weakness. This issue is triggered only when `cost=31` is used or when verifying a `$2a$31$` hash.
**Recommendations**
Upgrade to bcrypt-ruby version 3.1.22 or later.
As a workaround, set the `cost` parameter to a value less than 31.
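The overflow described above, modelled in Ruby, together with a scan for stored `$2a$31$` hashes that need rehashing. This is an added example, not code from bcrypt-ruby; the `1 << cost` / `i < rounds` loop shape and the sample hashes are assumptions constructed for illustration.

```ruby
# Added example (not bcrypt-ruby's own code). Models how a Java signed
# 32-bit `1 << cost` wraps at cost 31 and shows why the strengthening
# loop then runs zero times; also flags affected hashes in a store.

# Emulate Java's `int` left shift: the JVM masks the shift to 5 bits and
# the result wraps into the signed 32-bit range.
def java_int_shl(value, shift)
  r = (value << (shift & 31)) & 0xFFFF_FFFF
  r >= 2**31 ? r - 2**32 : r
end

# Assumed loop shape (not copied from BCrypt.java): rounds = 1 << cost and
# `for (i = 0; i < rounds; i++)`. A negative rounds value means 0 passes.
def modelled_round_count(cost)
  rounds = java_int_shl(1, cost)
  rounds > 0 ? rounds : 0
end

# Modular-crypt bcrypt layout: $2a$<2-digit cost>$<22 salt><31 hash chars>.
BCRYPT_RE = /\A\$2[abxy]\$(\d{2})\$[.\/A-Za-z0-9]{53}\z/

def bcrypt_cost(hash)
  m = BCRYPT_RE.match(hash)
  m && m[1].to_i
end

# A cost-31 hash was produced (or is verified) with zero strengthening
# rounds under the affected JRuby implementation.
def weak_cost_31?(hash)
  bcrypt_cost(hash) == 31
end

# Return the stored hashes that should be rehashed with a lower cost.
def find_weakened(hashes)
  hashes.select { |h| weak_cost_31?(h) }
end

# Constructed sample hashes (placeholder salt/digest characters, not real).
SAMPLE_HASHES = [
  '$2a$12$' + 'N' * 22 + 'h' * 31,
  '$2a$31$' + 'N' * 22 + 'h' * 31,
  '$2b$10$' + 'N' * 22 + 'h' * 31
].freeze

puts "cost 31 rounds: #{modelled_round_count(31)}"   # 0 under the overflow
puts "weakened: #{find_weakened(SAMPLE_HASHES).size}" # 1
```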