https://blog.qife122.com/tags/serverpod/ Recent content in Serverpod on 办公AI智能小助手 Hugo zh-cn qife Wed, 10 Dec 2025 04:56:23 +0800 https://blog.qife122.com/p/serverpod-%E5%8D%87%E7%BA%A7%E5%AF%86%E7%A0%81%E5%93%88%E5%B8%8C%E5%AD%98%E5%82%A8%E5%AE%89%E5%85%A8%E6%9C%BA%E5%88%B6%E5%BA%94%E5%AF%B9%E5%BD%A9%E8%99%B9%E8%A1%A8%E6%94%BB%E5%87%BB%E7%9A%84-argon2id-%E6%96%B9%E6%A1%88/ Wed, 10 Dec 2025 04:56:23 +0800 https://blog.qife122.com/p/serverpod-%E5%8D%87%E7%BA%A7%E5%AF%86%E7%A0%81%E5%93%88%E5%B8%8C%E5%AD%98%E5%82%A8%E5%AE%89%E5%85%A8%E6%9C%BA%E5%88%B6%E5%BA%94%E5%AF%B9%E5%BD%A9%E8%99%B9%E8%A1%A8%E6%94%BB%E5%87%BB%E7%9A%84-argon2id-%E6%96%B9%E6%A1%88/ <h1 id="cve-2024-29886serverpod-改进存储密码哈希的安全性">CVE-2024-29886：Serverpod 改进存储密码哈希的安全性</h1> <p><strong>漏洞详情</strong></p> <ul> <li><strong>包</strong>: <code>serverpod_auth_server</code> (Pub)</li> <li><strong>受影响版本</strong>: &lt; 1.2.6</li> <li><strong>已修复版本</strong>: 1.2.6</li> <li><strong>严重程度</strong>: 中等 (CVSS 评分 5.3)</li> <li><strong>弱点</strong>: CWE-916 - 使用计算量不足的密码哈希</li> </ul> <p><strong>描述</strong></p> <p>Serverpod 现已使用 OWASP 推荐的 Argon2Id 密码哈希算法来存储电子邮件认证模块的密码哈希。</p> https://blog.qife122.com/p/serverpod%E5%AF%86%E7%A0%81%E5%93%88%E5%B8%8C%E5%AE%89%E5%85%A8%E5%8D%87%E7%BA%A7%E4%BB%8Eargon2id%E8%BF%81%E7%A7%BB%E5%88%B0%E6%9B%B4%E5%AE%89%E5%85%A8%E7%9A%84%E7%AE%97%E6%B3%95/ Mon, 24 Nov 2025 03:55:33 +0800 https://blog.qife122.com/p/serverpod%E5%AF%86%E7%A0%81%E5%93%88%E5%B8%8C%E5%AE%89%E5%85%A8%E5%8D%87%E7%BA%A7%E4%BB%8Eargon2id%E8%BF%81%E7%A7%BB%E5%88%B0%E6%9B%B4%E5%AE%89%E5%85%A8%E7%9A%84%E7%AE%97%E6%B3%95/ <h1 id="serverpod改进存储密码哈希的安全性">Serverpod改进存储密码哈希的安全性</h1> <h2 id="漏洞详情">漏洞详情</h2> <p><strong>CVE ID</strong>: CVE-2024-29886<br> <strong>严重程度</strong>: 中等<br> <strong>影响版本</strong>: serverpod_auth_server &lt; 1.2.6<br> <strong>修复版本</strong>: 1.2.6</p> <h2 id="漏洞描述">漏洞描述</h2> <p>Serverpod现在使用OWASP推荐的Argon2Id密码哈希算法来存储电子邮件身份验证模块的密码哈希。</p>