VYPR

Go modules package

github.com/google/go-tpm

pkg:golang/github.com/google/go-tpm

Vulnerabilities (1)

  • CVE-2020-8918Aug 11, 2020
    affected < 0.3.0fixed 0.3.0

    An improperly initialized 'migrationAuth' value in Google's go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWrapKey. An attacker listening in on the channel can collect both 'encUsageAuth' an