漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Emissary Use of a Broken or Risky Cryptographic Algorithm
Vulnerability Description
Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP). These algorithms, while possibly valid for certain non-security-critical tasks, can expose users to security risks if used in scenarios where strong cryptographic guarantees are required. This issue is fixed in 8.24.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Vulnerability Title
Emissary 加密问题漏洞
Vulnerability Description
Emissary是National Security Agency开源的一个分布式 P2P 数据驱动工作流框架。 Emissary 8.24.0之前版本存在加密问题漏洞,该漏洞源于使用不安全加密算法导致安全风险。
CVSS Information
N/A
Vulnerability Type
N/A