object(app\admin\model\bug\Bug)#19 (37) {
  ["name":protected]=>
  string(3) "bug"
  ["autoWriteTimestamp":protected]=>
  string(7) "integer"
  ["createTime":protected]=>
  string(10) "createtime"
  ["updateTime":protected]=>
  string(10) "updatetime"
  ["deleteTime":protected]=>
  string(10) "deletetime"
  ["append":protected]=>
  array(0) {
  }
  ["connection":protected]=>
  array(0) {
  }
  ["parent":protected]=>
  NULL
  ["query":protected]=>
  NULL
  ["table":protected]=>
  NULL
  ["class":protected]=>
  string(23) "app\admin\model\bug\Bug"
  ["error":protected]=>
  NULL
  ["validate":protected]=>
  NULL
  ["pk":protected]=>
  NULL
  ["field":protected]=>
  array(0) {
  }
  ["except":protected]=>
  array(0) {
  }
  ["disuse":protected]=>
  array(0) {
  }
  ["readonly":protected]=>
  array(0) {
  }
  ["visible":protected]=>
  array(0) {
  }
  ["hidden":protected]=>
  array(0) {
  }
  ["data":protected]=>
  array(24) {
    ["id"]=>
    int(11846)
    ["cve_code"]=>
    string(13) "CVE-2012-4929"
    ["cnnvd"]=>
    string(16) "CNNVD-201209-346"
    ["cncve"]=>
    string(1) "/"
    ["cvss_score"]=>
    float(2.6)
    ["system"]=>
    string(37) "红旗Asianux服务器操作系统 V8"
    ["desc"]=>
    string(406) "Mozilla Firefox、Google Chrome、Qt 和其他产品中使用的 TLS 协议 1.2 及更早版本可以在没有正确混淆未加密数据的长度的情况下加密压缩数据，这使得中间人攻击者可以通过在一系列猜测过程中观察长度差异来获取纯文本 HTTP 标头，其中 HTTP 请求中的字符串可能与 HTTP 标头中的未知字符串匹配，又称“CRIME”攻击。"
    ["date"]=>
    string(10) "2024-11-11"
    ["level"]=>
    string(6) "低危"
    ["package"]=>
    string(8) "firefox;"
    ["repair_version"]=>
    NULL
    ["repair"]=>
    string(35) "软件包升级
dnf update firefox
"
    ["prove"]=>
    NULL
    ["patch"]=>
    NULL
    ["references"]=>
    array(34) {
      [0]=>
      string(43) "http://www.ekoparty.org/2012/thai-duong.php"
      [1]=>
      string(55) "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091"
      [2]=>
      string(57) "http://code.google.com/p/chromium/issues/detail?id=139744"
      [3]=>
      string(102) "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512"
      [4]=>
      string(47) "https://chromiumcodereview.appspot.com/10825183"
      [5]=>
      string(31) "https://gist.github.com/3696912"
      [6]=>
      string(43) "http://news.ycombinator.com/item?id=4510829"
      [7]=>
      string(125) "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312"
      [8]=>
      string(69) "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/"
      [9]=>
      string(57) "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/"
      [10]=>
      string(87) "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor"
      [11]=>
      string(106) "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls"
      [12]=>
      string(63) "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212"
      [13]=>
      string(71) "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html"
      [14]=>
      string(50) "https://bugzilla.redhat.com/show_bug.cgi?id=857051"
      [15]=>
      string(36) "http://www.ubuntu.com/usn/USN-1628-1"
      [16]=>
      string(64) "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html"
      [17]=>
      string(44) "http://www.debian.org/security/2012/dsa-2579"
      [18]=>
      string(36) "http://www.ubuntu.com/usn/USN-1627-1"
      [19]=>
      string(38) "http://www.securityfocus.com/bid/55704"
      [20]=>
      string(64) "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html"
      [21]=>
      string(64) "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html"
      [22]=>
      string(48) "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
      [23]=>
      string(44) "http://www.debian.org/security/2013/dsa-2627"
      [24]=>
      string(34) "http://support.apple.com/kb/HT5784"
      [25]=>
      string(72) "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
      [26]=>
      string(36) "http://www.ubuntu.com/usn/USN-1898-1"
      [27]=>
      string(80) "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"
      [28]=>
      string(44) "http://www.debian.org/security/2015/dsa-3253"
      [29]=>
      string(42) "http://jvn.jp/en/jp/JVN65273415/index.html"
      [30]=>
      string(59) "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html"
      [31]=>
      string(49) "http://marc.info/?l=bugtraq&m=136612293908376&w=2"
      [32]=>
      string(92) "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920"
      [33]=>
      string(33) "https://github.com/mpgn/CRIME-poc"
    }
    ["createtime"]=>
    int(1733118388)
    ["updatetime"]=>
    int(1733118388)
    ["deletetime"]=>
    NULL
    ["visible"]=>
    int(1)
    ["name"]=>
    NULL
    ["cvss_info"]=>
    NULL
    ["sys_type"]=>
    string(21) "服务器操作系统"
    ["repair_date"]=>
    NULL
    ["cve_name"]=>
    string(57) "Mozilla Firefox/Google Chrome TLS协议加密问题漏洞"
  }
  ["origin":protected]=>
  array(24) {
    ["id"]=>
    int(11846)
    ["cve_code"]=>
    string(13) "CVE-2012-4929"
    ["cnnvd"]=>
    string(16) "CNNVD-201209-346"
    ["cncve"]=>
    string(1) "/"
    ["cvss_score"]=>
    float(2.6)
    ["system"]=>
    string(37) "红旗Asianux服务器操作系统 V8"
    ["desc"]=>
    string(406) "Mozilla Firefox、Google Chrome、Qt 和其他产品中使用的 TLS 协议 1.2 及更早版本可以在没有正确混淆未加密数据的长度的情况下加密压缩数据，这使得中间人攻击者可以通过在一系列猜测过程中观察长度差异来获取纯文本 HTTP 标头，其中 HTTP 请求中的字符串可能与 HTTP 标头中的未知字符串匹配，又称“CRIME”攻击。"
    ["date"]=>
    string(10) "2024-11-11"
    ["level"]=>
    string(6) "低危"
    ["package"]=>
    string(8) "firefox;"
    ["repair_version"]=>
    NULL
    ["repair"]=>
    string(35) "软件包升级
dnf update firefox
"
    ["prove"]=>
    NULL
    ["patch"]=>
    NULL
    ["references"]=>
    string(2018) "http://www.ekoparty.org/2012/thai-duong.php;http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091;http://code.google.com/p/chromium/issues/detail?id=139744;http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512;https://chromiumcodereview.appspot.com/10825183;https://gist.github.com/3696912;http://news.ycombinator.com/item?id=4510829;http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312;http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/;http://www.theregister.co.uk/2012/09/14/crime_tls_attack/;http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor;https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls;https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212;http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html;https://bugzilla.redhat.com/show_bug.cgi?id=857051;http://www.ubuntu.com/usn/USN-1628-1;http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html;http://www.debian.org/security/2012/dsa-2579;http://www.ubuntu.com/usn/USN-1627-1;http://www.securityfocus.com/bid/55704;http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html;http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html;http://rhn.redhat.com/errata/RHSA-2013-0587.html;http://www.debian.org/security/2013/dsa-2627;http://support.apple.com/kb/HT5784;http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html;http://www.ubuntu.com/usn/USN-1898-1;http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html;http://www.debian.org/security/2015/dsa-3253;http://jvn.jp/en/jp/JVN65273415/index.html;http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html;http://marc.info/?l=bugtraq&m=136612293908376&w=2;https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920;https://github.com/mpgn/CRIME-poc"
    ["createtime"]=>
    int(1733118388)
    ["updatetime"]=>
    int(1733118388)
    ["deletetime"]=>
    NULL
    ["visible"]=>
    int(1)
    ["name"]=>
    NULL
    ["cvss_info"]=>
    NULL
    ["sys_type"]=>
    string(21) "服务器操作系统"
    ["repair_date"]=>
    NULL
    ["cve_name"]=>
    string(57) "Mozilla Firefox/Google Chrome TLS协议加密问题漏洞"
  }
  ["relation":protected]=>
  array(0) {
  }
  ["auto":protected]=>
  array(0) {
  }
  ["insert":protected]=>
  array(0) {
  }
  ["update":protected]=>
  array(0) {
  }
  ["dateFormat":protected]=>
  bool(false)
  ["type":protected]=>
  array(0) {
  }
  ["isUpdate":protected]=>
  bool(true)
  ["replace":protected]=>
  bool(false)
  ["force":protected]=>
  bool(false)
  ["updateWhere":protected]=>
  array(1) {
    ["id"]=>
    array(2) {
      [0]=>
      string(2) "eq"
      [1]=>
      string(5) "11846"
    }
  }
  ["failException":protected]=>
  bool(false)
  ["useGlobalScope":protected]=>
  bool(true)
  ["batchValidate":protected]=>
  bool(false)
  ["resultSetType":protected]=>
  string(5) "array"
  ["relationWrite":protected]=>
  NULL
}