Libtom
libtom
4 CVEs • 2 products
Products (2)
Click to collapseToggle
Products (2)
Click to collapse
CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Fedoraproject Libtom2Fedora LibtommathJun 26, 2025 Sep 1, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). |
2Debian Libtom2Debian Linux LibtomcryptNov 21, 2024 Oct 9, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of serv...Show more |
2Libtom Linaro2Libtomcrypt Op TeeNov 21, 2024 Jun 15, 2018 N/A· v4 4.9 MEDIUM· v3 1.9 LOW· v2 LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local mach...Show more |
2Libtom Op Tee2Libtomcrypt Op Tee OsMay 13, 2026 Feb 13, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote a...Show more |