Description
yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.
Related CPE's
a
debian
yubiserver
2
References
http://www.include.gr/debian/yubiserver/#changelog
Release Notes
https://bugs.debian.org/796495
Issue TrackingMailing ListVendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2025-06-26T22:15:24.503
5 months agoLast modified
2025-08-06T15:38:05.563
4 months ago