doctrine / dbal

Doctrine Database Abstraction Layer
https://www.doctrine-project.org/projects/dbal.html
MIT License

vendor package issues #6619

Open eywa-saravanan opened 5 days ago

eywa-saravanan commented 5 days ago

Hi,

We face a security issue and need a solution.

Issue details are given below.

Package name: Doctrine DBAL

Package link: https://github.com/doctrine/dbal

Issue description:

Line numbers: a) vendor/doctrine/dbal/src/Cache/QueryCacheProfile.php:130

1) An attacker can exploit the weaknesses of SHA-1 to perform collision attacks, potentially leading to data breaches and loss of data integrity.

Solution needed: It is recommended to avoid using SHA-1 for hashing. Instead, opt for stronger hashing algorithms such as SHA-256 to enhance security.

Thanks

derrabus commented 5 days ago

Can you elaborate how a collision on a cache key is a possible security threat?