Описание
An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.6.0 (включая)
cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00019
Низкий
5.3 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-125
CWE-125
Связанные уязвимости
github
больше 3 лет назад
An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4
EPSS
Процентиль: 4%
0.00019
Низкий
5.3 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-125
CWE-125