Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libtomcrypt
(Libtom)Repositories | https://github.com/libtom/libtomcrypt |
#Vulnerabilities | 3 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-10-09 | CVE-2019-17362 | In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. | Debian_linux, Libtomcrypt | 9.1 | ||
2018-06-15 | CVE-2018-12437 | LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | Libtomcrypt, Op\-Tee | 4.9 |