The YubiKey Validation Server verify endpoint in version 2.40 does not validate SQL query length, allowing for potential SQL injection attack
Reporter | Title | Published | Views | Family All 11 |
---|---|---|---|---|
Prion | Sql injection | 5 Mar 202023:15 | – | prion |
Cvelist | CVE-2020-10184 | 5 Mar 202022:48 | – | cvelist |
CVE | CVE-2020-10184 | 5 Mar 202023:15 | – | cve |
NVD | CVE-2020-10184 | 5 Mar 202023:15 | – | nvd |
OSV | CVE-2020-10184 | 5 Mar 202023:15 | – | osv |
OSV | yubikey-val - security update | 13 Mar 202000:00 | – | osv |
UbuntuCve | CVE-2020-10184 | 5 Mar 202000:00 | – | ubuntucve |
Yubico | Security advisory YSA-2020-01 | Yubico | 7 Jan 202000:00 | – | yubico |
OpenVAS | Debian: Security Advisory (DLA-2141-1) | 18 Mar 202000:00 | – | openvas |
Debian | [SECURITY] [DLA 2141-1] yubikey-val security update | 12 Mar 202020:46 | – | debian |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 10 | all | yubikey-val | 2.38-2 | yubikey-val_2.38-2_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo