CVE-2016-20013 in sha256cryptinfo

Summary

by MITRE • 02/19/2022

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

02/19/2022

Disclosure

02/19/2022

Moderation

accepted

Entry

VDB-193532

CPE

ready

CWE

CWE-407 (confirmed)

CVSS

3.5 (VulDB)

EPSS

0.02200

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-20013
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-20013
CVE Details	https://www.cvedetails.com/cve/CVE-2016-20013/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!