Lfedge Eve
3 CVEs affecting Lfedge Eve. Latest disclosed: 2023-09-21. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-43634 | High | 8.8 | 2023-09-21 | When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configurati… |
CVE-2023-43633 | High | 8.8 | 2023-09-21 | On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing c… |
CVE-2023-43637 | High | 7.8 | 2023-09-21 | Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the last 16 bytes predetermined to be "arfooba… |