2024-10-10 13:42:31
canonical
PUBLISHED
Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another users ID and gain their privileges.