CVE-2020-7689— Insecure Encryption

CVSS 5.9 · Medium EPSS 0.15% · P35 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-7689

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Insecure Encryption

Source: NVD (National Vulnerability Database)

Vulnerability Description

Data is truncated wrong when its length is greater than 255 bytes.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

bcrypt 加密问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

bcrypt是一款使用在Node.js中用于对密码进行加密的库。 bcrypt 5.0.0之前版本中存在加密问题漏洞。该漏洞源于网络系统或产品未正确使用相关密码算法，导致内容未正确加密、弱加密、明文存储敏感信息等。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	bcrypt	unspecified ~ 5.0.0	-

II. Public POCs for CVE-2020-7689

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-7689

请登录查看更多情报信息。

https://github.com/kelektiv/node.bcrypt.js/pull/807x_refsource_MISC
https://snyk.io/vuln/SNYK-JS-BCRYPT-572911x_refsource_MISC
https://github.com/kelektiv/node.bcrypt.js/issues/776x_refsource_MISC
https://github.com/kelektiv/node.bcrypt.js/pull/806x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-7689

Same Patch Batch · n/a · 2020-07-01 · 43 CVEs total

CVE-2020-7688	8.4 HIGH	Command Injection
CVE-2017-1712		HCL Technologies Domino 加密问题漏洞
CVE-2020-15472		Ntop nDPI 缓冲区错误漏洞
CVE-2020-15471		Ntop nDPI 缓冲区错误漏洞
CVE-2020-15473		Ntop nDPI 缓冲区错误漏洞
CVE-2020-15476		Ntop nDPI 缓冲区错误漏洞
CVE-2020-15470		ffjpeg 缓冲区错误漏洞
CVE-2020-15468		Persian VIP Download Script SQL注入漏洞
CVE-2020-5902		F5 BIG-IP 路径遍历漏洞
CVE-2020-15475		Ntop nDPI 资源管理错误漏洞
CVE-2017-1659		HCL Technologies Notes 跨站脚本漏洞
CVE-2020-15478		Journal theme 信息泄露漏洞
CVE-2020-12603		Envoy 资源管理错误漏洞
CVE-2020-5900		F5 NGINX Controller 跨站请求伪造漏洞
CVE-2020-5899		F5 NGINX Controller 授权问题漏洞
CVE-2020-5901		F5 NGINX Controller 跨站脚本漏洞
CVE-2020-13380		Open Solutions for Education openSIS SQL注入漏洞
CVE-2020-13381		Open Solutions for Education openSIS SQL注入漏洞
CVE-2020-8663		Envoy 资源管理错误漏洞
CVE-2020-13382		Open Solutions for Education openSIS 访问控制错误漏洞

Showing top 20 of 43 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

V. Comments for CVE-2020-7689

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-7689— Insecure Encryption

I. Basic Information for CVE-2020-7689

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-7689

III. Intelligence Information for CVE-2020-7689

Same Patch Batch · n/a · 2020-07-01 · 43 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-7689

Leave a comment