Lucene search
PRIOn knowledge basePRION:CVE-2020-10184HistoryMar 05, 2020 - 11:15 p.m.
Sql injection
2020-03-0523:15:00
PRIOn knowledge base
www.prio-n.com
7
The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a denial of service, aka SQL injection. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service; the issue does NOT affect YubiCloud.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yubikey_one_time_password_validation_server | lt | 2.40 |
Related
osv
osv
CVE-2020-10184
2020-03-05 23:15:13
yubikey-val - security update
2020-03-13 00:00:00
debiancve
debiancve
CVE-2020-10184
2020-03-05 23:15:13
nvd
nvd
CVE-2020-10184
2020-03-05 23:15:13
cve
cve
CVE-2020-10184
2020-03-05 23:15:13
cvelist
cvelist
CVE-2020-10184
2020-03-05 22:48:35
ubuntucve
ubuntucve
CVE-2020-10184
2020-03-05 00:00:00
yubico
yubico
Security advisory YSA-2020-01 - Yubico
2020-01-01 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2141-1)
2020-03-18 00:00:00
debian
debian
[SECURITY] [DLA 2141-1] yubikey-val security update
2020-03-12 20:46:44
nessus
nessus
Debian DLA-2141-1 : yubikey-val security update
2020-03-13 00:00:00