exploitDog

CVE-2021-22549

Опубликовано: 08 июн. 2021

Источник: nvd

CVSS3: 6.5

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

Ссылки

https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad
Patch
Third Party Advisory
https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*

Версия до 0.6.2 (исключая)

EPSS

Процентиль: 4%

0.00018

Низкий

6.5 Medium

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-823

CWE-668

Связанные уязвимости

GHSA-423w-7xwv-vwqw

CVSS3: 7.8

github

больше 3 лет назад

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

EPSS

Процентиль: 4%

0.00018

Низкий

6.5 Medium

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-823

CWE-668