Skip to main content

Openenclave

3 CVEs product

Monthly

CVE-2023-37479 HIGH PATCH This Week

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Intel Openenclave
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-15224 MEDIUM PATCH This Month

In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Path Traversal Information Disclosure Openenclave
NVD GitHub
CVSS 3.1
6.8
EPSS
0.6%
CVE-2020-15107 MEDIUM This Month

In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. Rated medium severity (CVSS 5.3). No vendor patch available.

Information Disclosure Openenclave
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Intel Openenclave
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Path Traversal Information Disclosure Openenclave
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. Rated medium severity (CVSS 5.3). No vendor patch available.

Information Disclosure Openenclave
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy