1 results (0.002 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1
CVE-2015-3298
https://notcve.org/view.php?id=CVE-2015-3298
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated. Yubico ykneo-openpgp versiones anteriores a 1.0.10, presenta una errata en la que puede usarse un PIN no válido. Cuando es encendido por primera vez, es emitida una firma aunque el PIN no haya sido comprendido • https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html • CWE-347: Improper Verification of Cryptographic Signature •