Description
The product records password hashes in a data store, receives a hash of a password from a client, and compares the supplied hash to the hash obtained from the data store.
CVE vulnerabilities with CWE-836 (16)
10.0
CVSS
CRITICAL
CVE-2021-23857
pub. 2021-10-04
9.8
CVSS
CRITICAL
CVE-2023-34132
pub. 2023-07-13
9.2
CVSS
CRITICAL
CVE-2026-9222
pub. 2026-06-26
9.0
CVSS
CRITICAL
CVE-2023-4299
pub. 2023-08-31
8.8
CVSS
HIGH
CVE-2023-39546
pub. 2023-11-17
8.8
CVSS
HIGH
CVE-2023-23614
pub. 2023-01-26
8.8
CVSS
HIGH
CVE-2022-32282
pub. 2022-08-22
8.7
CVSS
HIGH
CVE-2019-25552
pub. 2026-03-21
8.6
CVSS
HIGH
CVE-2025-62618
pub. 2025-10-31
7.3
CVSS
HIGH
CVE-2017-7927
pub. 2017-05-06
6.5
CVSS
MEDIUM
CVE-2026-44736
pub. 2026-06-26
6.2
CVSS
MEDIUM
CVE-2023-23450
pub. 2023-05-15
5.3
CVSS
MEDIUM
CVE-2025-52543
pub. 2025-09-02
4.9
CVSS
MEDIUM
CVE-2025-64471
pub. 2025-12-09
4.3
CVSS
MEDIUM
CVE-2026-40103
pub. 2026-04-10
4.3
CVSS
MEDIUM
CVE-2025-48925
pub. 2025-05-28