Vulnerabilities > Zephyrproject > Zephyr > 2.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-3454 | Reachable Assertion vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Truncated L2CAP K-frame causes assertion failure. | 7.5 |
| 2021-10-19 | CVE-2021-3455 | Use After Free vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Disconnecting L2CAP channel right after invalid ATT request leads freeze. | 5.0 |
| 2021-10-05 | CVE-2021-3436 | Unspecified vulnerability in Zephyrproject Zephyr 1.14.2/2.4.0/2.5.0 BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. | 6.4 |
| 2021-10-05 | CVE-2021-3510 | Unspecified vulnerability in Zephyrproject Zephyr Zephyr JSON decoder incorrectly decodes array of array. | 5.0 |
| 2021-10-05 | CVE-2021-3581 | Improper Validation of Specified Quantity in Input vulnerability in Zephyrproject Zephyr 2.5.0/2.5.1 Buffer Access with Incorrect Length Value in zephyr. | 8.8 |
| 2021-10-05 | CVE-2021-3625 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Buffer overflow in Zephyr USB DFU DNLOAD. | 7.5 |