Yubico-Piv Buffer Overflow Vulnerability (CNVD-2018-16943)
Yubico-Piv is a tool for interacting with YubiKey's Identity Card PIV application. A buffer overflow vulnerability exists in the 'ykpivfetchobject' function in the lib/ykpiv.c file in Yubico-Piv version 1.5.0. The vulnerability can be exploited to execute malicious code via a specially crafted US...