CVE-2026-33306

MEDIUM EPSS 13.5%
Published Mar 24, 20263mo ago · Modified Jun 17, 20262w ago
4.5 CVSS 4.0
Medium
Find Similar
Published Mar 24, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby (`BCrypt.java`) computes the key-strengthening round count as a signed 32-bit integer. When `cost=31` (the maximum allowed by the gem), signed integer overflow causes the round count to become negative, and the strengthening loop executes **zero iterations**. This collapses bcrypt from 2^31 rounds of exponential key-strengthening to effectively constant-time computation — only the initial EksBlowfish key setup and final 64x encryption phase remain. The resulting hash looks valid (`$2a$31$...`) and verifies correctly via `checkpw`, making the weakness invisible to the application. This issue is triggered only when cost=31 is used or when verifying a `$2a$31$` hash. This problem has been fixed in version 3.1.22. As a workaround, set the cost to something less than 31.

CVSS Details

Base Score
4.5
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity High
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
13.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-190 Integer Overflow or Wraparound Numeric Error

Affected Products 1

VendorProductVersionRange
bcrypt-ruby_projectbcrypt-ruby* <3.1.22

References 3

  • github.com https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4
    Patch
  • github.com https://github.com/bcrypt-ruby/bcrypt-ruby/releases/tag/v3.1.22
    ProductRelease Notes
  • github.com https://github.com/bcrypt-ruby/bcrypt-ruby/security/advisories/GHSA-f27w-vcwj-c954
    MitigationVendor Advisory

Remediation

  • github.com https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4
    Patch