rpm package
opensuse/pam_yubico&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/pam_yubico&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-9275 | Hig | 8.2 | < 2.27-1.5 | 2.27-1.5 | Apr 4, 2018 | In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file de |
- affected < 2.27-1.5fixed 2.27-1.5
In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file de