Security Advisory

CVE-2025-22228

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 05:49:19

Last updated 2026-02-26 19:09:20

Assigner vmware

State PUBLISHED

Description

BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same.

← Browse all CVEs View on cve.org ↗