Squirrel vulnerability CVE-2021-41556

We are aware of CVE-2021-41556 but can report that this does not compromise the Electric Imp platform either on the device or in the agent, due to memory limits that we enforce in our implementations.

Sadly, the researchers involved here neither contacted us or verified that we were affected before including our name in their post.

1 Like