First published: Wed Sep 08 2021
scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Glewlwyd SSO Server Project Glewlwyd SSO Server | <=2.5.3 | |
CVE-2021-40818 is a vulnerability in Glewlwyd SSO server through version 2.5.3 that allows for a buffer overflow during FIDO2 signature validation in webauthn registration.
CVE-2021-40818 has a severity of 9.8 (critical).
Glewlwyd SSO server through version 2.5.3 is affected by CVE-2021-40818.
The recommended fix for CVE-2021-40818 is to update Glewlwyd SSO server to a version higher than 2.5.3.
More information about CVE-2021-40818 can be found at the following references: [Debian bug #993867](https://bugs.debian.org/993867), [upstream commit 0efd112](https://github.com/babelouest/glewlwyd/commit/0efd112bb62f566877750ad62ee828bff579b4e2).