Vulnerabilities > Pengutronix > Barebox > 2021.07.0

DATE CVE VULNERABILITY TITLE RISK
2021-08-02 CVE-2021-37847 Unspecified vulnerability in Pengutronix Barebox
crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification.
network
low complexity
pengutronix
5.0
5.0
2021-08-02 CVE-2021-37848 Information Exposure Through Discrepancy vulnerability in Pengutronix Barebox
common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison.
network
low complexity
pengutronix CWE-203
5.0
5.0