A security advisory (CVE-2026-33306) discloses an integer overflow bug in the JRuby implementation of bcrypt-ruby. When the bcrypt cost parameter is set to 31, a signed 32-bit integer overflow causes the key-strengthening loop to execute zero iterations instead of 2^31, effectively reducing bcrypt to constant-time computation. The resulting hash appears valid and passes verification, making the weakness invisible to applications. The fix is available in bcrypt-ruby version 3.1.22; the workaround is to use a cost value below 31.
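To see the mechanism the advisory describes, here is an added Ruby example (not bcrypt-ruby's own code) that emulates a round count derived as `1 << cost` in a signed 32-bit integer, shows why the loop body then runs zero times at cost 31, and pairs it with a guard that rejects unsafe cost values before any hashing is done. The helper names and the MIN_COST / MAX_SAFE_COST bounds are assumptions made for the example.

```ruby
# Added example: emulate the signed 32-bit wrap behind the advisory and
# show a defensive cost check. Not code from bcrypt-ruby.

MIN_COST = 4       # assumed lower bound (bcrypt's conventional minimum)
MAX_SAFE_COST = 30 # highest cost for which 1 << cost fits in a signed int32

# Reinterpret an arbitrary-precision Ruby Integer as a Java-style signed int.
def to_int32(value)
  v = value & 0xFFFFFFFF
  v >= 0x80000000 ? v - 0x100000000 : v
end

# Round count as a signed 32-bit computation would see it.
# cost 30 -> 1073741824, cost 31 -> -2147483648 (wrapped negative).
def rounds_int32(cost)
  to_int32(1 << cost)
end

# Iterations a `for (i = 0; i < rounds; i++)` style loop performs.
# A negative (wrapped) round count means the body never executes,
# which is the "zero iterations instead of 2^31" outcome in the advisory.
def loop_iterations(rounds)
  rounds.positive? ? rounds : 0
end

# Defensive check: only accept costs whose round count cannot wrap.
def cost_safe?(cost)
  cost.is_a?(Integer) && cost.between?(MIN_COST, MAX_SAFE_COST)
end

# Fail closed before hashing rather than produce a hash that did no work.
def validate_cost!(cost)
  unless cost_safe?(cost)
    raise ArgumentError,
          "bcrypt cost must be between #{MIN_COST} and #{MAX_SAFE_COST}, got #{cost.inspect}"
  end
  cost
end

if __FILE__ == $PROGRAM_NAME
  [10, 30, 31].each do |cost|
    r = rounds_int32(cost)
    puts "cost=#{cost} rounds_int32=#{r} iterations=#{loop_iterations(r)} safe=#{cost_safe?(cost)}"
  end
end
```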