CVE-2021-43399

The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...

CVE-2021-43399

Summary of CVE-2021-43399 (YubiHSM/YubiHSM2 in yubihsm-shell) A boundary/length validation vulnerability exists in the YubiHSM2 library version 2021.08 as included in yubihsm-shell, affecting operations such as SSH signing requests and certain data operations from a YubiHSM 2 device. Multiple sou...

CVE-2021-43399

The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...

yubihsm-shell 缓冲区错误漏洞

yubihsm-shell is a component for individual developers to interact with YubiHSM 2. The component is mostly found in applications that interact with YubiHSM 2 and is geared towards user and program level interaction. A buffer error vulnerability exists in yubihsm-shell where the product does not...

Security Advisory YSA-2020-06 | Yubico

The yubihsm library, included in the yubihsm-shell project, does not properly validate two message fields during device communication. A maliciously-crafted YubiHSM2 device, or someone with access to the HTTP traffic between a client and server handling the device, could cause the yubihsm library...