CVE-2023-43630
MEDIUM5.2EPSS 0.01%EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve
Published: 2/4/2026Modified: 2/5/2026
Description
EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve
Affected packages (2)
- Go/github.com/lf-edge/evefrom 0, < 0.0.0-20230126065759-d9383a7ee4e1
- Go/github.com/lf-edge/evefrom 0, < 0.0.0-20230126065759-d9383a7ee4e1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.2 | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
References (7)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-43630
- PATCHhttps://github.com/lf-edge/eve
- WEBhttps://asrg.io/security-advisories/config-partition-not-measured-from-2-fronts
- WEBhttps://asrg.io/security-advisories/cve-2023-43630
- WEBhttps://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a
- WEBhttps://github.com/lf-edge/eve/security/advisories/GHSA-phcg-h58r-gmcq
- WEBhttps://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications