VulnerableCode Package Details - pkg:deb/debian/oath-toolkit@1.12.4-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/oath-toolkit@1.12.4-1

Essentials
History (3)

purl	pkg:deb/debian/oath-toolkit@1.12.4-1

Next non-vulnerable version	2.4.1-1
Latest non-vulnerable version	2.4.1-1
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-wen1-hzgy-1qa2 Aliases: CVE-2013-7322	usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line to be updated when invalidating an OTP and allows context-dependent attackers to conduct replay attacks, as demonstrated by a commented out line when using libpam-oath.	2.4.1-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:46:56.315329+00:00	Debian Oval Importer	Affected by	VCID-wen1-hzgy-1qa2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T22:23:25.732540+00:00	Debian Oval Importer	Affected by	VCID-wen1-hzgy-1qa2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:59:25.606148+00:00	Debian Oval Importer	Affected by	VCID-wen1-hzgy-1qa2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0