CVE-2023-43635
Summary of CVE-2023-43635 / GHSA-4JVR-VJ2C-8Q37 : In EVE-OS measured boot, the vault key is sealed using SHA1 PCRs instead of SHA256 PCRs. The TPM PCRs that are used to seal/unseal the key for encrypting the vault directory may be SHA1-enabled while SHA256 PCRs are not consistently used, enabling...