Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
P11-glue P11-kit 缓冲区错误漏洞
Vulnerability Description
P11-glue P11-kit是P11-glue个人开发者的一个用于加载和枚举PKCS模块的工具软件。 P11-glue P11-kit server/remote 0.23.6版本至0.23.21版本存在缓冲区错误漏洞,该漏洞源于RPC协议中发现了基于堆的缓冲区溢出,当远程实体在CK_ATTRIBUTE中提供序列化的字节数组时,接收实体可能没有为缓冲区分配足够的长度来存储反序列化的值。
CVSS Information
N/A
Vulnerability Type
N/A