CVE-2023-39908

The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt