Zephyr@2.6.0 Security Vulnerabilities and Issues — Zephyr@2.6.0 CVE List

Lucene search

ZephyrprojectZephyr2.6.0

3 matches found

CVE•added 2022/02/07 10:15 p.m.•50 views

CVE-2021-3835

Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf

8.8CVSS8.8AI score0.00116EPSS

CVE•added 2022/02/07 10:15 p.m.•46 views

CVE-2021-3861

The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj

8.2CVSS7.2AI score0.00049EPSS

CVE•added 2021/10/05 9:15 p.m.•39 views

CVE-2021-3510

Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4

7.5CVSS7.5AI score0.00334EPSS