Advisories for Maven/Org.kohsuke/Libpam4j package

2022

Improper Input Validation

It was found that libpam4j up to and including 1.8 does not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.