ACS AEM Commons Versioned Clientlibs

Avatar

Avatar

umair14

Avatar

umair14

umair14

29-10-2020

Hi All, ACS AEM Commons Versioned ClientLibs uses Sling Rewriter to rewrite the client libraries generated by aem and append a unique MD5 value at the end of the client library URL and later it is cached. It generates a new MD5 value every time a modification to the client library happens and appends the generated MD5 value to the client library url for re-cashing. MD5 cryptographic algorithms are outdated and vulnerable to security. Is there another version of the Versioned ClientLibs or any other implementation that uses SHA2 Family (SHA256, SHA386, and SHA512) instead of MD5?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Singaiah_Chintalapudi

MVP

Avatar

Singaiah_Chintalapudi

MVP

Singaiah_Chintalapudi
MVP

29-10-2020

Thanks for calling out the security vulnerability. I guess the only option you've is to write you own custom logic to implement the MD5.

Answers (0)