Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MD5 is a weak hash known to have hash collisions. #1

Open
swami-manickam opened this issue Dec 4, 2024 · 0 comments
Open

MD5 is a weak hash known to have hash collisions. #1

swami-manickam opened this issue Dec 4, 2024 · 0 comments

Comments

@swami-manickam
Copy link

Dear AppDynamics Security Team,

I am writing to report a security vulnerability identified in our codebase that involves the usage of the MD5 hash function.
The vulnerability associated with the MD5 hash function is that it is susceptible to hash collisions, which occur when two different input values produce the same hash value. This makes it possible for attackers to create malicious data that has the same hash as legitimate data, allowing them to bypass security measures and potentially cause harm.

Affected Path:

com/appdynamics/eumagent/runtime/p000private/bg.java

com/downloader/utils/Utils.java com/itextpdf/text/ImgJBIG2.java

com/itextpdf/text/pdf/PdfEncryption.java com/itextpdf/text/pdf/PdfSmartCopy.java

Additional Context: This issue was discovered during an internal security audit, and we wanted to bring it to your attention for review and remediation.

If you require further details or technical support regarding this report, please feel free to reach out.

Thank you,
MBRHE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@swami-manickam