{"id":"CVE-2022-1279","details":"A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.","modified":"2026-03-14T11:21:05.575125Z","published":"2022-04-14T08:15:06.830Z","references":[{"type":"FIX","url":"https://github.com/ebics-java/ebics-java-client/releases/tag/1.2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ebics-java/ebics-java-client","events":[{"introduced":"0"},{"fixed":"05be4206540d748f59f3fff2e5e2e02398b014c4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.2"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-1279.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}