CNNVD-202506-3364 Information
Jun 26, 2025
cve
CNNVD ID
CNNVD-202506-3364
Related CVE
- CNNVD Published: 2025-06-26
Description (Chinese)
yubiserver是yubiserver开源的一个一次性口令验证服务器。 yubiserver 0.6之前版本存在安全漏洞,该漏洞源于容易受到SQL注入攻击,可能导致身份验证绕过。
Description (English)
yubiserver is a one-time password authentication server for the open source of yubiserver. There is a security loophole in the pre-Yubiserver 0.6 version, which stems from the vulnerability of SQL injections, which may lead to a circumvention of identification.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
yubiserver
Published
2025-06-26
Last Modified
2026-02-24
References
http://www.include.gr/debian/yubiserver/#changelog https://bugs.debian.org/796495
Patch
http://www.include.gr/debian/yubiserver/#changelog
Share on: