6 matches found
QES-Backed Virtual FIDO2 Authenticators: Architectural Options for Secure, Synchronizable WebAuthn Credentials
FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this limitation by enabling multi-device credentials...
UBUNTU-CVE-2023-49208
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration...
Glewlwyd SSO server security vulnerability
Glewlwyd SSO server is a single sign-on SSO server for multi-factor authentication for OAuth2 and OpenID Connect authentication. A security vulnerability exists in Glewlwyd SSO server versions prior to 2.7.6 that stems from a buffer overflow vulnerability in the FIDO2 credential validation proces...
django-mfa3 授权问题漏洞
django-mfa3 is a stubborn Django application that handles multi-factor authentication MFA via FIDO2, TOTP and recovery code. A security vulnerability exists in django-mfa3. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...
UBUNTU-CVE-2021-40818
scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration...
SoloKeys Solo 加密问题漏洞
SoloKeys Solo is an open source security key. SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token suffers from a security vulnerability that stems from not enforcing the flash readout protection RDP level. This allows an attacker to lower the RDP level...