Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yubico YubiHSM 2 SDK 缓冲区错误漏洞
Vulnerability Description
Yubico YubiHSM是Yubico公司的一个解决方案。用于保护证书颁发机构根密钥不被攻击者、恶意软件和恶意内部人员复制。 Yubico YubiHSM 2 SDK 2023.01 及之前版本存在安全漏洞,该漏洞源于PKCS11 模块无法正确验证对象元数据的特定读取操作的长度,导致未初始化和内存泄露。
CVSS Information
N/A
Vulnerability Type
N/A