4 matches found
CVE-2021-3623
CVE-2021-3623 affects libtpms and describes an out-of-bounds access, triggered by specially crafted TPM2 command packets, when the volatile TPM2 state is marshalled/written or unmarshalled/read. The highest threat is to availability. Multiple connected advisories reference this issue (e.g., SUSE-SU-2022:...
CVE-2021-3505
CVE-2021-3505 affects libtpms
CVE-2021-3446
CVE-2021-3446 affects libtpms prior to 0.8.2, where the OpenSSL integration erroneously returns the initial IV instead of the last IV for certain symmetric ciphers, weakening confidentiality. Affected packages have been addressed in downstream advisories (e.g., Mageia MGASA-2021-0590; OSV entries...
CVE-2021-3569
CVE-2021-3569 describes a stack corruption bug in libtpms that occurs when decrypting data using RSA. Affected versions are before 0.7.2 and before 0.8.0, and the flaw can cause a SIGBUS (bad memory access) and termination of swtpm, with the highest impact on availability. The connected sources c...