Vulnerabilities > Google > Asylo > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-08 | CVE-2021-22548 | Unspecified vulnerability in Google Asylo An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. | 4.6 |
| 2021-06-08 | CVE-2021-22550 | Exposure of Resource to Wrong Sphere vulnerability in Google Asylo An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. | 4.6 |
| 2020-12-15 | CVE-2020-8935 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. | 4.6 |
| 2020-08-12 | CVE-2020-8905 | Classic Buffer Overflow vulnerability in Google Asylo A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. | 4.0 |
| 2020-08-12 | CVE-2020-8904 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. | 5.5 |