P11-kit Project P11-kit 0.23.8

CPE Details

P11-kit Project P11-kit 0.23.8
p11-kit_project
p11-kit
0.23.8
2021-01-11
12h11 +00:00
2021-01-11
12h11 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:p11-kit_project:p11-kit:0.23.8:*:*:*:*:*:*:*

Informations

Vendor

p11-kit_project

Product

p11-kit

Version

0.23.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-29361 2020-12-16 12h35 +00:00 An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.
7.5
High
CVE-2020-29362 2020-12-16 12h32 +00:00 An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
5.3
Medium
CVE-2020-29363 2020-12-16 12h29 +00:00 An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.
7.5
High