Lucene search
+L

7 matches found

OSV
OSV
added 2026/02/13 5:42 p.m.3 views

OPENSUSE-SU-2026:20233-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. - CVE-2026-23893: Privilege Escalation or Data Exposure vi...

6.8CVSS5.8AI score0.00237EPSS
Exploits1References4
OSV
OSV
added 2026/02/06 3:57 p.m.8 views

OESA-2026-1320 opencryptoki security update

openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

6.8CVSS6.2AI score0.00237EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

SUSE SLES15 Security Update : openCryptoki (SUSE-SU-2026:0291-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0291-1 advisory. - CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Tenable ha...

6.6CVSS5.5AI score0.00237EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2026/01/26 11:11 a.m.4 views

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.9CVSS5.9AI score0.00237EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-22791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP...

6.6CVSS5.7AI score0.00237EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/15 12:0 a.m.5 views

openCryptoki-3.26.0-3.1 on GA media (moderate)

openCryptoki-3.26.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10048-1 Rating: moderate Cross-References: CVE-2026-22791 CVSS scores: CVE-2026-22791 SUSE : 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2026-22791 SUSE : 6.9...

6.9CVSS7.2AI score0.00237EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/01/13 7:6 p.m.8 views

CVE-2026-22791

openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

6.6CVSS5.6AI score0.00237EPSS
Exploits1
Rows per page
Query Builder