Bug ID	1234627
Summary	VUL-0: CVE-2024-7701: percona-toolkit: use of password hash with insufficient computational effort
Classification	openSUSE
Product	openSUSE Distribution
Version	Leap 15.6
Hardware	Other
URL	https://smash.suse.de/issue/432929/
OS	Other
Status	NEW
Severity	Normal
Priority	P5 - None
Component	Security
Assignee	security-team@suse.de
Reporter	smash_bz@suse.de
QA Contact	security-team@suse.de
CC	abergmann@suse.com
Target Milestone	---
Found By	Security Response Team
Blocker	---

Use of Password Hash With Insufficient Computational Effort vulnerability in
percona percona-toolkit allows Encryption Brute Forcing.This issue affects
percona-toolkit: 3.6.0.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-7701
https://www.cve.org/CVERecord?id=CVE-2024-7701
https://github.com/percona/percona-toolkit/blob/aa1ac0e6889168fddf73c3a72d447e9ea0c0c63b/src/go/pt-secure-collect/encrypt.go#L17

You are receiving this mail because:

You are on the CC list for the bug.