Max CVSS | 5.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-9578 | 5.0 |
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
|
24-08-2020 - 17:37 | 05-03-2019 - 23:29 | |
CVE-2019-12210 | 5.5 |
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the c
|
24-08-2020 - 17:37 | 04-06-2019 - 21:29 | |
CVE-2019-12209 | 5.0 |
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks symlinks pointing to other files on the system owned by
|
24-08-2020 - 17:37 | 04-06-2019 - 21:29 |