VYPR

lib9p

by 9front

CVEs (1)

  • CVE-2024-8158MedAug 25, 2024
    risk 0.42cvss 6.5epss 0.00

    A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user. This is due to lib9p not properly verifying that the uname given in the Tauth and Tattach…