VYPR

rpm package

opensuse/yubico-piv-tool&distro=openSUSE Leap 15.0

pkg:rpm/opensuse/yubico-piv-tool&distro=openSUSE%20Leap%2015.0

Vulnerabilities (2)

  • CVE-2018-14780MedAug 15, 2018
    affected < 1.5.0-lp150.2.3.1fixed 1.5.0-lp150.2.3.1

    An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `_ykpiv_fetch_object()`: {% highlight c %} if(sw == SW_SUCCESS) { size_t outlen; int offs = _ykpiv_get_length(data + 1, &outlen);

  • CVE-2018-14779MedAug 15, 2018
    affected < 1.5.0-lp150.2.3.1fixed 1.5.0-lp150.2.3.1

    A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(stderr, "Output buffer to small, wanted to