Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the yubihsm-connector is restarted. An attacker can send 0, 1, or 2 bytes to trigger this.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Per Nilsson yubihsm-connector 安全漏洞
Vulnerability Description
Per Nilsson yubihsm-connector是Per Nilsson开源的一个应用软件。提供一个自记录文件。 Yubico yubihsm-connector 3.0.1之前版本存在安全漏洞,该漏洞源于处理程序没有验证请求的长度。
CVSS Information
N/A
Vulnerability Type
N/A