Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/01/26 9:28 p.m.22 views

CVE-2026-22696 dcap-qvl has Missing Verification for QE Identity

dcap-qvl implements the quote verification logic for DCAP Data Center Attestation Primitives. A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral including qeidentity,...

9.3CVSS0.00208EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/26 6:55 p.m.7 views

dcap-qvl has Missing Verification for QE Identity

Impact This vulnerability involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral including qeidentity, qeidentitysignature, and qeidentityissuerchain from the PCCS. However, it skips to verify the QE Identity signature...

9.3CVSS5.9AI score0.00208EPSS
Exploits0References3Affected Software4
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.4 views

PT-2026-4820

Name of the Vulnerable Software and Affected Versions dcap-qvl versions prior to 0.3.9 Description The dcap-qvl library contains a flaw in its quote verification logic. The library retrieves QE Identity collateral from the PCCS, but fails to verify the QE Identity signature against its certificat...

9.3CVSS5.9AI score0.00208EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2024/06/13 12:0 a.m.6 views

The vulnerability of the TPM2_GENERATED_VALUE() function in the TCG TPM2 TPM2 Software Stack, related to incorrect input validation, allows attackers to generate arbitrary price data that cannot be detected by Fapi_VerifyQuote.

The vulnerability of the TPM2GENERATEDVALUE function in the TCG TPM2 TPM2 Software Stack lies in the lack of checks to ensure that the magical number in the TPM2GENERATEDVALUE certificate is valid. Exploiting this vulnerability allows an attacker to generate arbitrary quote data that cannot be...

5.5CVSS5.9AI score0.00346EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder