(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kryo | iodine | 0.3.4 |
| kryo | iodine | 0.3.2 |
| kryo | iodine | 0.3.3 |
| kryo | iodine | 0.4.1 |
| kryo | iodine | 0.5.2 |
| kryo | iodine | 0.3.0 |
| kryo | iodine | 0.5.0 |
| kryo | iodine | 0.5.1 |
| kryo | iodine | * |
| kryo | iodine | 0.4.0 |
| kryo | iodine | 0.4.2 |
| kryo | iodine | 0.3.1 |