Yubico Libu2f Host
By the Year
In 2024 there have been 0 vulnerabilities in Yubico Libu2f Host . Libu2f Host did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 7.15 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Libu2f Host vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Yubico Libu2f Host Security Vulnerabilities
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow
CVE-2018-20340
6.8 - Medium
- March 21, 2019
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is currently in use. It is not possible to perform this attack with a genuine YubiKey.
Buffer Overflow
In devs.c in Yubico libu2f-host before 1.1.8
CVE-2019-9578
7.5 - High
- March 05, 2019
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
Use of Uninitialized Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Yubico Libu2f Host or by Yubico? Click the Watch button to subscribe.
