Nixpkgs Security Tracker

Untriaged

Permalink CVE-2014-2354

created 1 month ago

Cogent DataHub before 7.3.5 does not use a salt during …

Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02 x_refsource_MISC
http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02 x_refsource_MISC x_transferred
https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-02
http://cogentdatahub.com/Download_Software.html
http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02 x_refsource_MISC x_transferred
https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-02
http://cogentdatahub.com/Download_Software.html
http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02 x_refsource_MISC x_transferred

Affected products

n/a

==n/a

DataHub

<7.3.5

Matching in nixpkgs

pkgs.python312Packages.cryptodatahub

Repository of cryptography-related data

nixos-25.11 1.0.0
- nixos-25.11-small 1.0.0
- nixpkgs-25.11-darwin 1.0.0

pkgs.python313Packages.cryptodatahub

Repository of cryptography-related data

nixos-unstable 1.0.2
- nixpkgs-unstable 1.0.2
- nixos-unstable-small 1.0.2
nixos-25.11 1.0.0
- nixos-25.11-small 1.0.0
- nixpkgs-25.11-darwin 1.0.0

pkgs.python314Packages.cryptodatahub

Repository of cryptography-related data

nixos-unstable 1.0.2
- nixpkgs-unstable 1.0.2
- nixos-unstable-small 1.0.2

Package maintainers

@Prince213 Sizhe Zhao <prc.zhao@outlook.com>
@ethancedwards8 Ethan Carter Edwards <ethan@ethancedwards.com>
@wegank Weijia Wang <contact@weijia.wang>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@phanirithvij Phani Rithvij <phanirithvij2000@gmail.com>
@eljamm Fedi Jamoussi <fedi.jamoussi@protonmail.ch>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.python312Packages.cryptodatahub

pkgs.python313Packages.cryptodatahub

pkgs.python314Packages.cryptodatahub

Package maintainers