Skip to content

Commit

Permalink
00_vulnerabilities.yaml aktualisieren
Browse files Browse the repository at this point in the history 
Changed http:// to https:// in the link because they don't have auto upgrade
  • Loading branch information
@n0lz
n0lz authored Jan 27, 2025
1 parent 3c3d1cc commit b326c76
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion directory/fixtures/00_vulnerabilities.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@
pk: 'Cipher Block Chaining'
fields:
severity: 1
description: 'In 2013, researchers demonstrated a timing attack against several TLS implementations using the CBC encryption algorithm (see <a href="http://www.isg.rhul.ac.uk/tls/Lucky13.html" class="alert-link" target="_blank" rel="noopener noreferrer">isg.rhul.ac.uk</a>). Additionally, the CBC mode is vulnerable to plain-text attacks in TLS 1.0, SSL 3.0 and lower. A fix has been introduced with TLS 1.2 in form of the GCM mode which is not vulnerable to the BEAST attack. GCM should be preferred over CBC.'
description: 'In 2013, researchers demonstrated a timing attack against several TLS implementations using the CBC encryption algorithm (see <a href="https://www.isg.rhul.ac.uk/tls/Lucky13.html" class="alert-link" target="_blank" rel="noopener noreferrer">isg.rhul.ac.uk</a>). Additionally, the CBC mode is vulnerable to plain-text attacks in TLS 1.0, SSL 3.0 and lower. A fix has been introduced with TLS 1.2 in form of the GCM mode which is not vulnerable to the BEAST attack. GCM should be preferred over CBC.'
- model: directory.Vulnerability
pk: 'Rivest Cipher 2'
fields:
Expand Down

0 comments on commit b326c76

Please sign in to comment.