VYPR

sgxwallet

by SKALE

CVEs (2)

  • CVE-2021-36219CriSep 27, 2021
    risk 0.00cvss 9.8epss 0.02

    An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a branch in trustedEcdsaSign that frees a non-initialized pointer from the stack. An attacker can chain multiple enclave calls to prepare a stack that contains a valid address. This…

  • CVE-2021-36218HigSep 27, 2021
    risk 0.00cvss 7.5epss 0.02

    An issue was discovered in SKALE sgxwallet 1.58.3. sgx_disp_ippsAES_GCMEncrypt allows an out-of-bounds write, resulting in a segfault and compromised enclave. This issue describes a buffer overflow, which was resolved prior to v1.77.0 and not reproducible in latest sgxwallet…