Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent.
Max CVSS
5.0
EPSS Score
0.49%
Published
2015-02-28
Updated
2021-09-24
1 vulnerabilities found