OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there is a threat of security breach in the voting system. Without a salt, it is much easier for attackers to pre-compute the hash value using dictionary attack techniques such as rainbow tables to crack passwords. This problem is fixed and published in version 1.1.2. A long randomly generated salt is added to the password hash function to better protect passwords stored in the voting system.
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"212452195434257096603470516502289233056",
"73329255946250630618081093600264128694",
"187098038412025143098956115058253056312",
"235195415626419296409184188578109839168",
"262341477038192166744558564763495045222",
"275392602481699689125381672191487932517",
"291615757046721550400541188796565692004",
"116879629892254368432378393888702462246",
"225464278314727805145845043387581712075",
"80236250736954727888333571137448944531",
"39970225197738710931015399898272128549",
"284449932936780086166933414824283218565",
"319101400122733636937652875487425446784",
"272585348991892610456234994872383823542"
]
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/dao/AdminDaoImpl.java"
},
"id": "CVE-2021-21253-29a28af5",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"length": 404.0,
"function_hash": "18168086374023672965959149198473791123"
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/dao/AdminDaoImpl.java",
"function": "loginValidate"
},
"id": "CVE-2021-21253-3a4025cc",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"length": 815.0,
"function_hash": "126817065796937212646396074312883588385"
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/controller/AdminLoginController.java",
"function": "doPost"
},
"id": "CVE-2021-21253-414913bb",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"29968344523966234173550873276909078046",
"324379861840986839421355281341858432739",
"15350045433493216449461445547568164046",
"318137686080131927048000880373411017371",
"132041460228286392914957780743324789072",
"76165899041477529422312256863182511890",
"210104400371544540932069674323258024224",
"172976065521013842880530947402072433934",
"193989442753706751075287134494754266758",
"183184833455253544670732622587999229279",
"27166981882235874102272398103760162008",
"201984991132305696126896799158022738924",
"163068511295681844612208653863267890103",
"135949484278437387966798168795788279135",
"159815133844737661829887584214694766305",
"66524955179419261702387179545069147712",
"43693651672511506419582617180681485734"
]
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/controller/SHA256.java"
},
"id": "CVE-2021-21253-5765b4dc",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"length": 1202.0,
"function_hash": "85333574055589321818371283417222157128"
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/controller/VoterLoginController.java",
"function": "doPost"
},
"id": "CVE-2021-21253-7335ee56",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162009121668622759616190132015518028316",
"112527160040764369364638176090907424125",
"299784839238448491148507866430156240023",
"230404672025667600425617129921822219171",
"169502637324884175682078065991388829338",
"233697051972054959726851792889351222590",
"35740735474386558298778869688986725457",
"116879629892254368432378393888702462246",
"308597032098824762260774182013361828331",
"210218282137635705937836557401734639615",
"195956763152405560377500792188099223435",
"331858245937313743346254137108486369880",
"284449932936780086166933414824283218565",
"300364352759043791297599166473635606494",
"97039765081575105349624158598969226231"
]
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/dao/VoterDaoImpl.java"
},
"id": "CVE-2021-21253-89e0567a",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177256075224938231141283468951948556907",
"87865573336285270577663667855861507867",
"168072990139486674482936604200739046592",
"231149800523307706446487236299202059297",
"49779932868808514152714337616319630571",
"46716147473348969566381346954510605228",
"116730718750434442780291126806484268795",
"179140405192407889161249387626325814269",
"263029390306910397830096951312660217180"
]
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/controller/VoterLoginController.java"
},
"id": "CVE-2021-21253-9e49b18d",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"length": 356.0,
"function_hash": "29223079454175463237261552206449488727"
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/controller/SHA256.java",
"function": "getSHA"
},
"id": "CVE-2021-21253-a0edfd12",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"14603902998491316686944014491576230830",
"178663262463925637831470158350300174246",
"97945146093040742397993474409592053409",
"235999263202635200557210713782621979247",
"191746679874689831793585314821306316586",
"310861881438502720394300482502969761836",
"189120075474401797787024997775901185225",
"265046323092143721061350452136861532317",
"263029390306910397830096951312660217180"
]
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/controller/AdminLoginController.java"
},
"id": "CVE-2021-21253-bdeb8214",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
},
{
"digest": {
"length": 460.0,
"function_hash": "142059448996882922407644847533337841365"
},
"target": {
"file": "src/com/bijay/onlinevotingsystem/dao/VoterDaoImpl.java",
"function": "loginValidate"
},
"id": "CVE-2021-21253-ccc556c5",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/bijaythapaa/onlinevotingsystem/commit/0181cb0272857696c8eb3e44fcf6cb014ff90f09"
}
]
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.2"
}
]
}
]
"2026-04-11T23:33:54Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21253.json"