← back
CVE-2021-43399

CVE-2021-43399

EPSS 1.4%
The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blog.inhq.net/posts/yubico-yubihsm-shell-vuln3/https://www.yubico.com/support/security-advisories/ysa-2021-04/