VYPR

pam_pkcs11

by Opensc Project

Source repositories

CVEs (2)

  • CVE-2025-24032CriFeb 10, 2025
    risk 0.53cvss epss 0.01

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a…

  • CVE-2025-24031MedFeb 10, 2025
    risk 0.33cvss epss 0.00

    PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. In versions 0.6.12 and prior, the pam_pkcs11 module segfaults when a user presses ctrl-c/ctrl-d when they are asked for a PIN. When a user enters no PIN at all, `pam_get_pwd` will never…