EUVD-2021-2305

Malware in sbrugna...

The vulnerability of Cloudflare WARP’s VPN service for Android lies in the lack of protection for service-related data. This allows attackers to access confidential information and arbitrary application functions.

The vulnerability of Cloudflare WARP, a VPN service for Android, relates to the lack of protection for service-related data. Exploiting this vulnerability could allow attackers to access confidential information and arbitrary application functions...

GHSA-6C7M-QWXJ-MVHP Broken encryption in EdgeX Foundry

Summary Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors. Detailed Description The app-functions-sdk exports an “aes” transform that user scripts can optionally call to encrypt data in th...

CVE-2021-41278

EdgeX Foundry CVE-2021-41278 affects the app-functions-sdk-go (and related EdgeX components) where the AES transform is broken in encryption, allowing potential decryption of data for users who enable AES in their pipelines. Affected releases rely on a flawed AES implementation; the AES transform...

CVE-2021-41278 Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors

Functions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. In affected versions broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allo...