← Back

CVE-2023-49208

nvd nist
Published: Nov 23, 2023Modified: Jun 17, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.

Affected (1)

Glewlwyd Sso Server Project
1 product
Glewlwyd Sso Server
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Glewlwyd Sso Server
Before 2.7.6

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
PatchRelease Notes
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchRelease Notes

Timeline

No history available yet.