Glewlwyd Sso Server Project Glewlwyd Sso Server — known CVE vulnerabilities
Every CVE whose affected-product data names Glewlwyd Sso Server Project Glewlwyd Sso Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-40818 — CVSS 9.8 (critical): scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration.
CVE-2022-27240 — CVSS 9.8 (critical): scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion.
CVE-2023-49208 — CVSS 9.8 (critical): scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn…