BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| OCP-Tools-4.12-RHEL-8 | RedHat | jenkins-0:2.504.2.1750932984-3.el8 | * |
| OCP-Tools-4.12-RHEL-8 | RedHat | jenkins-2-plugins-0:4.12.1750933270-1.el8 | * |
| OCP-Tools-4.13-RHEL-8 | RedHat | jenkins-0:2.504.2.1750916374-3.el8 | * |
| OCP-Tools-4.13-RHEL-8 | RedHat | jenkins-2-plugins-0:4.13.1750916671-1.el8 | * |
| OCP-Tools-4.14-RHEL-8 | RedHat | jenkins-0:2.504.2.1750903189-3.el8 | * |
| OCP-Tools-4.14-RHEL-8 | RedHat | jenkins-2-plugins-0:4.14.1750903529-1.el8 | * |
| OCP-Tools-4.15-RHEL-8 | RedHat | jenkins-0:2.504.2.1750856366-3.el8 | * |
| OCP-Tools-4.15-RHEL-8 | RedHat | jenkins-2-plugins-0:4.15.1750856638-1.el8 | * |
| OCP-Tools-4.16-RHEL-9 | RedHat | jenkins-0:2.504.2.1750857144-3.el9 | * |
| OCP-Tools-4.16-RHEL-9 | RedHat | jenkins-2-plugins-0:4.16.1750857315-1.el9 | * |
| OCP-Tools-4.17-RHEL-9 | RedHat | jenkins-0:2.504.2.1750851690-3.el9 | * |
| OCP-Tools-4.17-RHEL-9 | RedHat | jenkins-2-plugins-0:4.17.1750851950-1.el9 | * |
| OCP-Tools-4.18-RHEL-9 | RedHat | jenkins-0:2.504.2.1750846524-3.el9 | * |
| OCP-Tools-4.18-RHEL-9 | RedHat | jenkins-2-plugins-0:4.18.1750846854-1.el9 | * |
| Red Hat build of Apache Camel 4.8.5 for Spring Boot | RedHat | spring-security-core | * |