Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Yubico Subscribe
Filtered by product Yubico Pam
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9275 1 Yubico 1 Yubico Pam 2018-05-21 6.4 MEDIUM 8.2 HIGH
In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).