{"vulnerability": "CVE-2019-1543", "sightings": [{"uuid": "36d9b409-4943-4249-82ea-aca1efc8c6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1543", "type": "seen", "source": "https://t.me/critical_bug/181", "content": "https://hackerone.com/reports/506040\n\n\u042d\u0442\u043e\u0442 \u0440\u0435\u043f\u043e\u0440\u0442 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2019-1543, \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0437\u0434\u0435\u0441\u044c: https://www.openssl.org/news/secadv/20190306.txt. \u0420\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e \u0442\u043e\u043c, \u0447\u0442\u043e OpenSSL \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 Nonce \u0434\u043b\u044f AEAD-\u0448\u0438\u0444\u0440\u0430 ChaCha20-Poly1305 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u0434\u043e 16 \u0431\u0430\u0439\u0442. \u041e\u0434\u043d\u0430\u043a\u043e \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f ChaCha20-Poly1305 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043e 12-\u0431\u0430\u0439\u0442.\n\n\u0415\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442 16-\u0431\u0430\u0439\u0442\u043d\u044b\u0439 Nonce \u0432 OpenSSL, OpenSSL \u043e\u0442\u0431\u0440\u043e\u0441\u0438\u0442 \u043f\u0435\u0440\u0432\u044b\u0435 4 \u0431\u0430\u0439\u0442\u0430 Nonce.\n\n\u042d\u0442\u043e \u043d\u0430\u0440\u0443\u0448\u0430\u0435\u0442 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0438, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 OpenSSL \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0435\u0440\u0432\u044b\u0435 4 \u0431\u0430\u0439\u0442\u0430 Nonce \u043d\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u044b, \u0447\u0442\u043e \u043d\u0430\u0440\u0443\u0448\u0430\u0435\u0442 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c AEAD-\u0448\u0438\u0444\u0440\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c 4 \u0431\u0430\u0439\u0442\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f. \u042d\u0442\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e \u0434\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f \u043d\u0430 AEAD-\u0448\u0438\u0444\u0440\u044b \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u043c\u0435\u043d\u044b \u0438\u043b\u0438 \u043f\u043e\u0440\u0447\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e \u0432\u0432\u043e\u0434\u0438\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Nonce, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 4 \u0431\u0430\u0439\u0442\u0430 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0441\u0442\u0438 Nonce \u043e\u0442\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f OpenSSL. \u042d\u0442\u043e \u0432\u0435\u0434\u0435\u0442 \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Nonce, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u044e \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e.\n\n\u042d\u0442\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0434\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u0442\u043e\u0442 \u0448\u0438\u0444\u0440 \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0430\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438\u0437 \u0441\u0442\u0440\u043e\u044f. \u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u044d\u0442\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c OpenSSL, \u0447\u0442\u043e\u0431\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445.", "creation_timestamp": "2023-04-03T13:58:44.000000Z"}, {"uuid": "f1480d92-89e7-4613-a3c1-02c8e0d545e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15434", "type": "seen", "source": "https://t.me/ctinow/188281", "content": "https://ift.tt/qXCcuOR\nCVE-2019-15434 | Samsung A5 permission assignment", "creation_timestamp": "2024-02-20T10:21:44.000000Z"}, {"uuid": "98f27a28-f936-47a7-aa8f-5cf218af96fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1543", "type": "seen", "source": "https://t.me/ctinow/168209", "content": "https://ift.tt/C6IsWa4\nCVE-2019-1543 | Oracle MySQL Connectors up to 5.3.13/8.0.17 OpenSSL cryptographic issues (BID-107349)", "creation_timestamp": "2024-01-15T08:41:08.000000Z"}, {"uuid": "032bb274-0169-4cb7-83b8-66612e00672d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15432", "type": "seen", "source": "https://t.me/ctinow/188268", "content": "https://ift.tt/dRl9Wqo\nCVE-2019-15432 | Evercoss U6 permission assignment", "creation_timestamp": "2024-02-20T09:41:33.000000Z"}, {"uuid": "2d77fb31-a27c-4927-bbfe-2fbe0bf2e973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15439", "type": "seen", "source": "https://t.me/ctinow/188286", "content": "https://ift.tt/ZE02qY6\nCVE-2019-15439 | Samsung XCover4 permission assignment", "creation_timestamp": "2024-02-20T10:21:49.000000Z"}, {"uuid": "7587d3d3-95c7-481c-94d4-eb5cace3d589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15438", "type": "seen", "source": "https://t.me/ctinow/188285", "content": "https://ift.tt/st7d6xN\nCVE-2019-15438 | Samsung XCover4 permission assignment", "creation_timestamp": "2024-02-20T10:21:48.000000Z"}, {"uuid": "9a258537-92f6-477a-a1b7-9f04681e2ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15437", "type": "seen", "source": "https://t.me/ctinow/188284", "content": "https://ift.tt/YNhv0xq\nCVE-2019-15437 | Samsung XCover4 permission assignment", "creation_timestamp": "2024-02-20T10:21:47.000000Z"}, {"uuid": "1230ddff-b127-41d2-9a64-60f6d77dcb33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15436", "type": "seen", "source": "https://t.me/ctinow/188283", "content": "https://ift.tt/NZX1HW2\nCVE-2019-15436 | Samsung A8+ permission assignment", "creation_timestamp": "2024-02-20T10:21:46.000000Z"}, {"uuid": "0dcdc8cc-353b-4afe-9b75-a381bb3b60ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15435", "type": "seen", "source": "https://t.me/ctinow/188282", "content": "https://ift.tt/ZUhDvSP\nCVE-2019-15435 | Samsung A7 permission assignment", "creation_timestamp": "2024-02-20T10:21:45.000000Z"}, {"uuid": "4877c065-e365-43a4-ab0c-5c901c65d6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15433", "type": "seen", "source": "https://t.me/ctinow/188280", "content": "https://ift.tt/8Z1a4kR\nCVE-2019-15433 | Samsung A3 permission assignment", "creation_timestamp": "2024-02-20T10:21:42.000000Z"}, {"uuid": "7f098247-6db6-4663-bb52-85915a200878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15431", "type": "seen", "source": "https://t.me/ctinow/188267", "content": "https://ift.tt/KGogUH6\nCVE-2019-15431 | Evercoss U50A permission assignment", "creation_timestamp": "2024-02-20T09:41:32.000000Z"}, {"uuid": "ae7db080-0643-4327-bfd5-3600858663b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15430", "type": "seen", "source": "https://t.me/ctinow/188266", "content": "https://ift.tt/uqGJ1yx\nCVE-2019-15430 | Bluboo D3 Pro permission assignment", "creation_timestamp": "2024-02-20T09:41:30.000000Z"}]}