VYPR

glewlwyd

by Glewlwyd

CVEs (3)

  • CVE-2022-29967HigApr 29, 2022
    risk 0.00cvss 7.5epss 0.01

    static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal.

  • CVE-2021-45379HigDec 30, 2021
    risk 0.00cvss 8.8epss 0.01

    Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.

  • CVE-2021-40818CriSep 8, 2021
    risk 0.00cvss 9.8epss 0.01

    scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration.