Skip to main content

Yubihsm 2 Sdk

1 CVEs product

Monthly

CVE-2023-39908 HIGH PATCH This Week

The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Yubihsm 2 Sdk
NVD
CVSS 3.1
7.5
EPSS
0.5%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Yubihsm 2 Sdk
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy