Tang Project Tang vulnerabilities

CVE-2023-1672 [MEDIUM] CWE-362 CVE-2023-1672: A race condition exists in the Tang server functionality for key generation and key rotation. This f A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

CVE-2021-4076 [HIGH] CWE-200 CVE-2021-4076: A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of p A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of private keys.