CVE-2023-49208

Опубликовано: 23 нояб. 2023

Источник: debian

EPSS Низкий

Описание

scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.

Пакет	Статус	Версия исправления	Релиз	Тип
glewlwyd	fixed	2.7.6+ds-1		package
glewlwyd	fixed	2.7.5-3+deb12u1	bookworm	package
glewlwyd	fixed	2.5.2-2+deb11u3	bullseye	package
glewlwyd	not-affected		buster	package

https://github.com/babelouest/glewlwyd/commit/f9d8c06aae8dfe17e761b18b577ff169e059e812 (v2.7.6)
Introduced by: https://github.com/babelouest/glewlwyd/commit/13265133e8287f246f2feecb24449179d20c9f0e (v2.0.0b1)

EPSS

Процентиль: 31%

0.00116

Низкий

CVE-2023-49208

CVSS3: 9.8

ubuntu

около 2 лет назад

scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.

CVE-2023-49208

CVSS3: 9.8

nvd

около 2 лет назад

scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.

GHSA-x7rh-wvh4-cx6x

CVSS3: 9.8

github

около 2 лет назад

scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.

EPSS

Процентиль: 31%

0.00116

Низкий