← voltar
CVE-2020-29363

CVE-2020-29363

EPSS 3.5%
An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/p11-glue/p11-kit/releaseshttps://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6xhttps://www.debian.org/security/2021/dsa-4822https://www.oracle.com/security-alerts/cpuapr2022.html