PT-2020-19712 · Openbsd · Bcrypt

Pool683

Published

2020-07-01

Updated

2021-07-21

CVE-2020-7689

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions bcrypt versions prior to 5.0.0

Description The issue occurs when data length exceeds 255 bytes, resulting in incorrect truncation.

Recommendations For versions prior to 5.0.0, update to version 5.0.0 or later to resolve the issue.

Fix

Integer Overflow

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2020-7689

GHSA-5WG4-74H6-Q47V

SNYK-JS-BCRYPT-572911

Bcrypt