2 matches found
GHSA-PGCR-7WM4-MCV6 Sensitive Data Exposure in pem
Versions of pem before 1.13.2 expose sensitive data when the readPkcs12 is used. The readPkcs12 function reads the certificate and key data from a pkcs12 file using the encryption password. As part of this process it creates a globally readable file with a filename of 20 random 0-f characters in...
cloudwu PBC Null Pointer Dereference Vulnerability
cloudwu PBC is a C-based Google protocol buffer library . A null pointer dereference vulnerability exists in the 'pbcwmessagestring' function in the wmessage.c file of the libpbc.a static link library in cloudwu PBC 2017-03-02 and earlier versions, which can be exploited by an attacker to cause a...