3 matches found
Security Advisory YSA-2021-04 | Yubico
The YubiHSM library that is included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests and some data operations received from the YubiHSM 2...
Security Advisory YSA-2021-01 | Yubico
The yubihsm library, included in the yubihsm-shell project, does not properly validate the length of authenticated messages during device communication. A maliciously-crafted YubiHSM 2 device, or someone with access to traffic between the HSM and yubihsm library, could cause the yubihsm library t...
Security Advisory YSA-2020-06 | Yubico
The yubihsm library, included in the yubihsm-shell project, does not properly validate two message fields during device communication. A maliciously-crafted YubiHSM2 device, or someone with access to the HTTP traffic between a client and server handling the device, could cause the yubihsm library...