wolfTPM 安全漏洞

wolfTPM is a highly portable TPM library open-sourced by wolfSSL. A security vulnerability exists in wolfTPM, which stems from the fact that exporting an RSA key larger than 2048 bits may result in a stack buffer overflow...

AZL-27812 CVE-2023-29409 affecting package golang for versions less than 1.20.7-1

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...