Insecure Cryptography Algorithm in org.ojalgo:ojalgo

Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to Insecure Cryptography Algorithm. It uses the unsafe MD5 cryptographic algorithm to store passwords.

Remediation

Upgrade org.ojalgo:ojalgo to version 48.3.2 or higher.

References

GitHub PR

Attack Vector

Network
Attack Complexity

High
Privileges Required

None
User Interaction

None
Scope

Changed
Confidentiality

High
Integrity

None
Availability

None

Credit: Unknown
CWE: CWE-310
Snyk ID: SNYK-JAVA-ORGOJALGO-1028059
Disclosed: 31 Oct, 2020
Published: 07 Jan, 2021

Insecure Cryptography Algorithm
Affecting org.ojalgo:ojalgo artifact, versions [0,48.3.2)

Overview

Remediation

References

CVSS Score

Insecure Cryptography Algorithm Affecting org.ojalgo:ojalgo artifact, versions [0,48.3.2)

Overview

Remediation

References

Insecure Cryptography Algorithm
Affecting org.ojalgo:ojalgo artifact, versions [0,48.3.2)