CNNVD-202602-1457 Information
CNNVD ID
CNNVD-202602-1457
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
munge是Chris Dunlap个人开发者的一款用于创建和验证凭据的身份验证服务。 MUNGE 0.5.18之前版本存在安全漏洞,该漏洞源于munged存在缓冲区溢出,可能导致泄露加密密钥材料。
Description (English)
munge is a section of Chris Dunlap’s personal developer that is used to create and validate a certificate-based identification service. There was a security loophole in the previous version of MUNGE 0.5.18, which resulted from the presence of a buffer zone spill that could lead to the disclosure of encryption key material.
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-02-10
Last Modified
2026-02-24
References
https://github.com/dun/munge/commit/bf40cc27c4ce8451d4b062c9de0b67ec40894812 https://github.com/dun/munge/releases/tag/munge-0.5.18 https://github.com/dun/munge/security/advisories/GHSA-r9cr-jf4v-75gh http://www.openwall.com/lists/oss-security/2026/02/10/3 https://lists.debian.org/debian-lts-announce/2026/02/msg00015.html
Patch
https://github.com/dun/munge/releases/
Share on: