On Wed, Sep 25, 2024 at 06:28:16AM +0000, Enxin Xie wrote: > Severity: low > > Affected versions: > > - Apache Answer through 1.3.5 > > Description: > > Inadequate Encryption Strength vulnerability in Apache Answer. > > This issue affects Apache Answer: through 1.3.5. > > Using the MD5 value of a user's email to access Gravatar is insecure and can > lead to the leakage of user email. The official recommendation is to use > SHA256 instead. > Users are recommended to upgrade to version 1.4.0, which fixes the issue. > > Credit: > > 张岳熙 (reporter) > > References: > > https://answer.incubator.apache.org > https://www.cve.org/CVERecord?id=CVE-2024-40761
What is the specific property of SHA256 required here? Email addresses have low entropy and I suspect they can be easily brute-forced, so leaking the SHA256 has is still bad. Instead, I would use a seeded PRF with a seed only known to the server, ensuring that the resulting value does not leak any information about the email. -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
signature.asc
Description: PGP signature
