The PKCS11 module of the YubiHSM 2 SDK up to and including 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yubico yubihsm 2 sdk |