CVE-2023-49208

Name of the Vulnerable Software and Affected Versions Glewlwyd SSO server versions prior to 2.7.6

Description The issue is related to a possible buffer overflow during FIDO2 credentials validation in webauthn registration. This occurs in the scheme/webauthn.c file of the Glewlwyd SSO server.

Recommendations For versions prior to 2.7.6, update to version 2.7.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the webauthn registration feature until the update is applied.