exploitDog

CVE-2021-22550

Опубликовано: 08 июн. 2021

Источник: nvd

CVSS3: 6.5

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c

Ссылки

https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c
Patch
Third Party Advisory
https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*

Версия до 0.6.3 (исключая)

EPSS

Процентиль: 4%

0.00018

Низкий

6.5 Medium

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-823

CWE-668

Связанные уязвимости

GHSA-3rwv-g3jc-r7cc

github

больше 3 лет назад

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c

EPSS

Процентиль: 4%

0.00018

Низкий

6.5 Medium

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-823

CWE-668