Vulnerabilities > Yubico > Libu2F Host > 1.1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2018-20340 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. | 4.6 |
| 2019-03-05 | CVE-2019-9578 | Use of Uninitialized Resource vulnerability in Yubico Libu2F-Host In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device. | 7.5 |