{"id":"CVE-2020-8939","details":"An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4","modified":"2026-07-08T20:43:37.869433Z","published":"2020-12-15T15:15:13.363Z","references":[{"type":"FIX","url":"https://github.com/google/asylo/commit/6ff3b77ffe110a33a2f93848a6333f33616f02c4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/google/asylo","events":[{"introduced":"0"},{"last_affected":"299f804acbb95a612ab7c504d25ab908aa59ae93"},{"fixed":"6ff3b77ffe110a33a2f93848a6333f33616f02c4"}],"database_specific":{"cpe":"cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*","source":["CPE_RANGE","REFERENCES"],"extracted_events":[{"introduced":"0"},{"last_affected":"0.6.0"}]}}],"versions":["v0.6.0","buildenv-v0.6.0","v0.5.3","buildenv-v0.5.3","v0.5.2","buildenv-v0.5.2","v0.5.1","buildenv-v0.5.1","v0.5.0","buildenv-v0.5.0","v0.4.1","buildenv-v0.4.1","v0.4.0","buildenv-v0.4.0","v0.3.4.1","v0.3.4","buildenv-v0.3.4","v0.3.3","buildenv-v0.3.3","v0.3.2","buildenv-v0.3.2","v0.3.1","buildenv-v0.3.1","v0.3.0","buildenv-v0.3.0","v0.2.2","buildenv-v0.2.2","v0.2.1","buildenv-v0.2.1","v0.2.0","buildenv-v0.2.0"],"database_specific":{"vanir_signatures_modified":"2026-07-08T20:43:37Z","vanir_signatures":[{"target":{"function":"enc_untrusted_inet_ntop","file":"asylo/platform/host_call/trusted/host_calls.cc"},"signature_type":"Function","id":"CVE-2020-8939-8b91fab6","signature_version":"v1","deprecated":false,"source":"https://github.com/google/asylo/commit/6ff3b77ffe110a33a2f93848a6333f33616f02c4","digest":{"function_hash":"135038296171550800255256998280934211969","length":991}},{"target":{"file":"asylo/platform/host_call/trusted/host_calls.cc"},"signature_type":"Line","id":"CVE-2020-8939-8dfe20e5","signature_version":"v1","deprecated":false,"source":"https://github.com/google/asylo/commit/6ff3b77ffe110a33a2f93848a6333f33616f02c4","digest":{"line_hashes":["153814041358479376129214332076057155395","45922329269225053110307145393781663788","120923426945754041805254235783950991193","79748621226130253570625482495852408872","242354140484151961163145778075231999227","153518137929070858687433313067831900743"],"threshold":0.9}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8939.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}