Home > Vulnerability Database > CVE-2024-29886

Mend.io Vulnerability Database

CVE-2024-29886

Good to know:

Date: March 27, 2024

Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6.

Language: D

Severity Score

5.3

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-29886

Url: https://github.com/serverpod/serverpod/commit/a78b9e9f1de74d1300633a122b6cc0f064139ad6

Url: https://github.com/serverpod/serverpod/security/advisories/GHSA-r75m-26cq-mjxc

Url: https://github.com/serverpod/serverpod

Url: https://www.mend.io/vulnerability-database/CVE-2024-29886

Severity Score

5.3

Weakness Type (CWE)

Use of Password Hash With Insufficient Computational Effort

CWE-916

Top Fix

Upgrade Version

Upgrade to version 1.2.6

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-29886

Good to know:

Date: March 27, 2024

Language: D

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?