Astra Linux - уязвимость в opensc

A issue was discovered in OpenSC between versions 0.19.0 and 0.20.x, as well as in versions 0.20.0-rc3. There is an incorrect read operation in the code for libopensc/card-setcos.c during the parsing of a SETCOS file attribute...

Astra Linux - уязвимость в opensc

A heap-based buffer overflow vulnerability was discovered in the libopensc OpenPGP driver. A specially crafted USB device or smart card, containing malicious responses to APDUs during the card enrollment process using the pkcs15-init tool, may lead to unauthorized access, potentially resulting in...

SUSE CVE-2025-13763

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

CVE-2025-13763

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

EUVD-2025-209564

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

CVE-2025-13763 Libopensc: opensc: multiple uses of uninitialized variable

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

CVE-2025-13763

CVE-2025-13763 affects OpenSC's libopensc with multiple uses of uninitialized variables, potentially allowing information disclosure or application crash. The issue requires a crafted USB device or smart card that supplies specially crafted APDUs. Reports indicate Red Hat and Fedora/OpenSUSE advi...

CVE-2025-13763

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs Mitigation To mitigate this issue, avoid...

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

Advisory ROSA-SA-2026-3178

Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 unaffected versions = opensc-0.20.0-8.0.1.rv30 affected versions opensc-0.20.0-8.0.1.rv30 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

Advisory ROSA-SA-2026-3158

Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

MiracleLinux 8 : opensc-0.20.0-2.el8 (AXSA:2021-1113:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1113:01 advisory. opensc: Out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c CVE-2019-15945 opensc: Out-of-bounds access of an ASN.1...

EUVD-2019-9100

Malware in sbrugna...

EUVD-2019-9099

Malware in sbrugna...

EUVD-2024-49628

Malicious code in bioql PyPI...

Advisory ROSA-SA-2025-3012

software: opensc 0.26.1 OS: ROSA-CHROME unaffected versions = opensc-0.26.1-1 affected versions opensc-0.26.1-1 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc library of the OpenSC smart ca...

SUSE-SU-2025:20671-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1 padding bsc1219386. - CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key bsc1230364. - CVE-2024-45620: Incorrect handling of the length of buffers or file...

Security update for opensc

This update for opensc fixes the following issues: CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1 padding bsc1219386. CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key bsc1230364. CVE-2024-45620: Incorrect handling of the length of buffers or files in...

Libopensc: heap buffer overflow in openpgp driver when generating key

...

Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

...