{
  "schema_version": "1.4.0",
  "id": "GHSA-fgrx-4637-fcf5",
  "modified": "2024-05-15T21:46:56Z",
  "published": "2024-05-15T21:46:56Z",
  "aliases": [],
  "summary": "fuel/core Crypt encryption compromised.",
  "details": "In fuel/core versions pior to 1.8.1, with the right knowledge, code, and GPU calculation power, Crypt encryption can be broken in minutes.\n\n",
  "severity": [],
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "fuel/core"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.8.1"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/fuel/core/commit/59112c96d0a6f2b0ead6a57edd8ac465678bdcb0"
    },
    {
      "type": "WEB",
      "url": "https://fuelphp.com/security-advisories"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/fuel/core/2018-04-14-1.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/fuel/core"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-327"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-15T21:46:56Z",
    "nvd_published_at": null
  }
}