Vulnerabilities > Yubico > Libu2F Host

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2018-20340 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow.
local
low complexity
yubico debian CWE-119
4.6
2019-03-05 CVE-2019-9578 Use of Uninitialized Resource vulnerability in Yubico Libu2F-Host
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
network
low complexity
yubico CWE-908
7.5