The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
56 vulnerabilities with CWE-328
CVE-2022-43922
MEDIUM
IBM App Connect Enterprise Certified Container <6.2 - Info Disclosure
CVSS 5.3
CVE-2022-3433
MEDIUM
Haskell Aeson < 2.0.1.0 - Weak Encryption
CVSS 6.5
CVE-2022-29835
MEDIUM
Westerndigital WD Discovery < 4.4.396 - Weak Encryption
CVSS 5.3
CVE-2022-29249
HIGH
JavaEZ 1.6 - Info Disclosure
CVSS 7.5
CVE-2021-39182
HIGH
EnroCrypt <1.1.4 - Info Disclosure
CVSS 7.5
CVE-2019-13539
HIGH
Medtronic Valleylab Exchange Client <3.4 - Info Disclosure
CVSS 7.0
Details
Vulnerabilities
56