11 matches found
EUVD-2020-5408
Malware in sbrugna...
EUVD-2020-5407
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-13131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length...
Linux Distros Unpatched Vulnerability : CVE-2020-13132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free in the ykpivutilgeneratekey function in lib/util.c through...
SUSE CVE-2020-13131
An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will...
Yubico libykpiv Information Disclosure Vulnerability
Yubico libykpiv is a secret key processing library in a YubiKey smart card micro driver from Yubico, Sweden. A security vulnerability exists in the lib/util.c file in Yubico libykpiv versions prior to 2.1.0. The vulnerability stems from an error in configuration or other errors in the operation o...
CVE-2020-13131
An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will...
Heap overflow
An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will...
CVE-2020-13131
An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will...
UBUNTU-CVE-2020-13131
An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will...
CVE-2020-13132
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free in the ykpivutilgeneratekey function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack...