Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1mZ3J4LTQ2MzctZmNmNc4AA8Ia
fuel/core Crypt encryption compromised.
In fuel/core versions pior to 1.8.1, with the right knowledge, code, and GPU calculation power, Crypt encryption can be broken in minutes.
Permalink: https://github.com/advisories/GHSA-fgrx-4637-fcf5JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1mZ3J4LTQ2MzctZmNmNc4AA8Ia
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 7 months ago
Updated: 7 months ago
Identifiers: GHSA-fgrx-4637-fcf5
References:
- https://github.com/fuel/core/commit/59112c96d0a6f2b0ead6a57edd8ac465678bdcb0
- https://fuelphp.com/security-advisories
- https://github.com/FriendsOfPHP/security-advisories/blob/master/fuel/core/2018-04-14-1.yaml
- https://github.com/advisories/GHSA-fgrx-4637-fcf5
Blast Radius: 0.0
Affected Packages
packagist:fuel/core
Dependent packages: 10Dependent repositories: 306
Downloads: 991,127 total
Affected Version Ranges: < 1.8.1
Fixed in: 1.8.1
All affected versions: 1.8.0
All unaffected versions: 1.8.1, 1.8.2, 1.9.0