Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and information disclosure across all components.

Related CVEs

CVE-2021-1111

Key Information

GHSA ID

GHSA-f2c8-7jv5-4w26

Published

May 24, 2022 7:11 PM

Last Modified

July 9, 2022 12:00 AM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 24, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.