Every CVE whose affected-product data names Yubico Pam-u2f, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-12210 — CVSS 8.1 (high): In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed…
CVE-2019-12209 — CVSS 7.5 (high): Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was…
CVE-2021-31924 — CVSS 6.8 (medium): Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local…