GHSA-fgrx-4637-fcf5

Suggest an improvement
Source
https://github.com/advisories/GHSA-fgrx-4637-fcf5
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-fgrx-4637-fcf5/GHSA-fgrx-4637-fcf5.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-fgrx-4637-fcf5
Published
2024-05-15T21:46:56Z
Modified
2024-11-29T05:41:40.264116Z
Summary
fuel/core Crypt encryption compromised.
Details

In fuel/core versions pior to 1.8.1, with the right knowledge, code, and GPU calculation power, Crypt encryption can be broken in minutes.

Database specific 
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-327"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-15T21:46:56Z"
}
References

Affected packages

Packagist / fuel/core

Package

Name
fuel/core
Purl
pkg:composer/fuel/core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.1

Affected versions

1.*

1.8.0
1.8.0.1
1.8.0.2
1.8.0.3
1.8.0.4