Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2005-4900

Published: 14/10/2016 Updated: 09/12/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

SHA-1 is not collision resistant, which makes it easier for context-dependent malicious users to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is not, by itself, a technology recommendation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Debian CVElist Bug Report Logs: gradle: CVE-2019-16370
Debian Bug report logs - #941186 gradle: CVE-2019-16370 Package: src:gradle; Maintainer for src:gradle is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 26 Sep 2019 05:03:02 UTC Severity: important Tags: security, upstream Foun ...

References

CWE-326http://ia.cr/2007/474https://sites.google.com/site/itstheshappeninghttps://www.schneier.com/blog/archives/2005/08/new_cryptanalyt.htmlhttps://www.schneier.com/blog/archives/2005/02/sha1_broken.htmlhttps://security.googleblog.com/2015/12/an-update-on-sha-1-certificates-in.htmlhttps://security.googleblog.com/2017/02/announcing-first-sha1-collision.htmlhttps://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/http://www.cwi.nl/news/2017/cwi-and-google-announce-first-collision-industry-security-standard-sha-1http://shattered.io/http://www.securityfocus.com/bid/12577https://kc.mcafee.com/corporate/index?page=content&id=SB10340https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941186https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201CVE-2024-4779CVE-2024-35090CVE-2024-5084hard-codedCVE-2024-4985HTML injectionCVE-2024-33655local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook