Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-8vwm-8vj8-rqjf

GitHub Security Advisory

User login denial of service in github.com/google/fscrypt

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the system. We recommend upgrading to version 0.3.3 or above

Affected Packages

Go github.com/google/fscrypt
Affected versions: 0 (fixed in 0.3.3)

Related CVEs

CVE-2022-25327

Key Information

GHSA ID
GHSA-8vwm-8vj8-rqjf
Published
February 26, 2022 12:00 AM
Last Modified
March 1, 2022 7:27 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
github.com/google/fscrypt
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.