Vulnerabilities > Libtom > Libtomcrypt > 1.18.0

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2019-17362 Out-of-bounds Read vulnerability in multiple products
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences.
network
low complexity
libtom debian CWE-125
critical
 9.1
9.1
2018-06-15 CVE-2018-12437 Information Exposure vulnerability in multiple products
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP.
high complexity
libtom linaro CWE-200
4.9
4.9