Filtered by vendor Linaro
Subscribe
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-12563 | 1 Linaro | 1 Lava | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml. | |||||
CVE-2017-1000413 | 1 Linaro | 1 Op-tee | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA key. | |||||
CVE-2017-1000412 | 1 Linaro | 1 Op-tee | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key. |