Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.8
CVSSv2

CVE-2015-3298

Published: 30/03/2022 Updated: 08/04/2022
CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Yubico

Vulnerability Summary

Yubico ykneo-openpgp prior to 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

yubico ykneo-openpgp

Github Repositories

https://github.com/IJHack/QtPass

QtPass is a multi-platform GUI for pass, the standard unix password manager.

QtPass QtPass is a GUI for pass, the standard unix password manager Features Using pass or git and gpg2 directly Configurable shoulder surfing protection options Cross platform: Linux, BSD, macOS and Windows Per-folder user selection for multi recipient encryption Multiple profiles Easy onboarding Logo based on Heart-padlock by AnonMoos Installation From package O

References

CWE-347https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.htmlhttps://nvd.nist.govhttps://github.com/IJHack/QtPass
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook