RSS   Vulnerabilities for
'Yubihsm 2 software development kit'
   RSS

2021-12-08
 
CVE-2021-43399

CWE-787
 

 
The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device.

 

 >>> Vendor: Yubico 11 Products
Piv manager
Smart card minidriver
Libu2f-host
Pam-u2f
Yubikey one time password validation server
Libykpiv
Piv tool manager
Yubikey smart card minidriver
Yubihsm-shell
Yubihsm connector
Yubihsm 2 software development kit


Copyright 2024, cxsecurity.com

 

Back to Top