mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
746 B
746 B
CVE-2023-39908
Description
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory.
POC
Reference
- https://blog.inhq.net/posts/yubico-yubihsm-pkcs-vuln/
- https://blog.inhq.net/posts/yubico-yubihsm-pkcs-vuln/
Github
No PoCs found on GitHub currently.