Yubico pam-u2f 授权问题漏洞

Yubico pam-u2f is a portable authentication module for U2F. An authorization issue vulnerability exists in Yubico pam-u2f versions prior to 1.1.1, which stems from a logical issue with pam-u2f that could lead to a local PIN bypass depending on the application that pam-u2f is configured and used i...

CVE-2020-10663

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsi...

Design/Logic Flaw

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsi...