CNNVD-202506-3365 Information
Jun 26, 2025
cve
CNNVD ID
CNNVD-202506-3365
Related CVE
- CNNVD Published: 2025-06-26
Description (Chinese)
yubiserver是yubiserver开源的一个一次性口令验证服务器。 yubiserver 0.6之前版本存在安全漏洞,该漏洞源于sprintf使用不当导致缓冲区溢出。
Description (English)
yubiserver is a one-time password authentication server for the open source of yubiserver. There was a security loophole in the pre-Yubiserver 0.6 version, which stemmed from the spilling of the buffer zone as a result of the improper use of sprintf.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
yubiserver
Published
2025-06-26
Last Modified
2026-02-24
References
https://bugs.debian.org/796495 http://www.include.gr/debian/yubiserver/#changelog
Patch
http://www.include.gr/debian/yubiserver/#changelog
Share on: