GHSA-fgrx-4637-fcf5: fuel/core Crypt encryption compromised.

May 15, 2024

In fuel/core versions pior to 1.8.1, with the right knowledge, code, and GPU calculation power, Crypt encryption can be broken in minutes.

References

fuelphp.com/security-advisories
github.com/FriendsOfPHP/security-advisories/blob/master/fuel/core/2018-04-14-1.yaml
github.com/advisories/GHSA-fgrx-4637-fcf5
github.com/fuel/core
github.com/fuel/core/commit/59112c96d0a6f2b0ead6a57edd8ac465678bdcb0

Detect and mitigate GHSA-fgrx-4637-fcf5 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →