Skip to content

Commit 8b3144a

Browse files
tjuyuxinzhangtjuyuxinzhang
committed
1 parent 6527bef commit 8b3144a

1 file changed

Lines changed: 44 additions & 2 deletions

File tree

advisories/unreviewed/2022/05/GHSA-wwwj-58hm-mxm3/GHSA-wwwj-58hm-mxm3.json

Lines changed: 44 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,69 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-wwwj-58hm-mxm3",
4-
"modified": "2022-05-14T03:51:35Z",
4+
"modified": "2023-02-03T05:00:43Z",
55
"published": "2022-05-14T03:51:35Z",
66
"aliases": [
77
"CVE-2012-0884"
88
],
9+
"summary": "Improper restriction of oracle behavior in OpenSSL CMS and PKCS#7 (Million Message Attack)",
910
"details": "The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.",
1011
"severity": [],
11-
"affected": [],
12+
"affected": [
13+
{
14+
"package": {
15+
"ecosystem": "GitHub Actions",
16+
"name": ""
17+
},
18+
"ranges": [
19+
{
20+
"type": "ECOSYSTEM",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
}
25+
]
26+
}
27+
]
28+
}
29+
],
1230
"references": [
1331
{
1432
"type": "ADVISORY",
1533
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0884"
1634
},
35+
{
36+
"type": "WEB",
37+
"url": "https://access.redhat.com/security/cve/CVE-2012-0884"
38+
},
1739
{
1840
"type": "WEB",
1941
"url": "https://downloads.avaya.com/css/P8/documents/100162507"
2042
},
43+
{
44+
"type": "PACKAGE",
45+
"url": "https://github.com/openssl/openssl"
46+
},
2147
{
2248
"type": "WEB",
2349
"url": "https://hermes.opensuse.org/messages/14330767"
2450
},
51+
{
52+
"type": "WEB",
53+
"url": "https://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001735.html"
54+
},
55+
{
56+
"type": "WEB",
57+
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0884"
58+
},
59+
{
60+
"type": "WEB",
61+
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://www.suse.com/security/cve/CVE-2012-0884.html"
66+
},
2567
{
2668
"type": "WEB",
2769
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"

0 commit comments

Comments
 (0)