Lucene search
K

5 matches found

OSV
OSV
added 2025/11/17 7:11 p.m.8 views

GO-2025-4112 Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves in github.com/evervault/evervault-go

Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves in github.com/evervault/evervault-go...

8.7CVSS6.9AI score0.00134EPSS
Exploits1References4
OSV
OSV
added 2025/11/12 9:45 p.m.3 views

GHSA-88H9-77C7-P6W4 Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves

Summary A vulnerability was identified in the evervault-go SDK’s attestation verification logic that may allow incomplete documents to pass validation. This may cause the client to trust an enclave operator that does not meet expected integrity guarantees. The exploitability of this issue is...

8.7CVSS6.3AI score0.00134EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/12 8:34 p.m.2 views

CVE-2025-64186 Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves

Evervault is a payment security solution. A vulnerability was identified in the evervault-go SDK’s attestation verification logic in versions of evervault-go prior to 1.3.2 that may allow incomplete documents to pass validation. This may cause the client to trust an enclave operator that does not...

8.7CVSS6.3AI score0.00134EPSS
Exploits1References3
EUVD
EUVD
added 2025/11/12 8:34 p.m.3 views

EUVD-2025-131929

Evervault is a payment security solution. A vulnerability was identified in the evervault-go SDK’s attestation verification logic in versions of evervault-go prior to 1.3.2 that may allow incomplete documents to pass validation. This may cause the client to trust an enclave operator that does not...

8.7CVSS6AI score0.00134EPSS
Exploits1References5
Packet Storm News
Packet Storm News
added 2025/10/02 12:0 a.m.5 views

WireTap: Breaking Server SGX via DRAM Bus Interposition

Whitepaper that delves into Intel’s Software Guard eXtension SGX. A common misconception is that physical attacks on SGX require expensive laboratory equipment, thus putting them out of reach of hobbyist-level attackers. In this work, the authors challenge this belief, showing how simple memory b...

6.6AI score
Exploits0
Rows per page
Query Builder