Zephyr@1.14.0 Security Vulnerabilities and Issues — Zephyr@1.14.0 CVE List

Lucene search

ZephyrprojectZephyr1.14.0

3 matches found

CVE•added 2020/05/11 11:15 p.m.•66 views

CVE-2020-10027

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

7.8CVSS7.8AI score0.00092EPSS

CVE•added 2020/05/11 11:15 p.m.•58 views

CVE-2020-10028

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

7.8CVSS7.7AI score0.00077EPSS

CVE•added 2021/10/05 9:15 p.m.•38 views

CVE-2021-3510

Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4

7.5CVSS7.5AI score0.00334EPSS