Vulnerabilities > Pengutronix > Barebox > 2021.07.0

DATE CVE VULNERABILITY TITLE RISK
2021-08-02 CVE-2021-37847 Unspecified vulnerability in Pengutronix Barebox
crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification.
network
low complexity
pengutronix
7.5
7.5
2021-08-02 CVE-2021-37848 Information Exposure Through Discrepancy vulnerability in Pengutronix Barebox
common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison.
network
low complexity
pengutronix CWE-203
7.5
7.5