Use After Free

libopensc.so is vulnerable to Use After Free. The vulnerability is caused when a user or administrator enrolls or modifies cards, due to the authenticemuupdatetokeninfo function in pkcs15-authentic.c only freeing memory if the scgetchallenge function does not return an error, potentially leaving...

Out-of-bounds Read

libopensc.so is vulnerable to out-of-bounds reads. The vulnerability exists in card-myeid.c because it does not properly validate symmetric keys, which allows an attacker to send maliciously crafted responses to the APDU and read information outside of the intended range...

Buffer Overflow

libopensc.so is vulnerable to Buffer Overflows. The vulnerability exists due to a lack of validation in smartcards in the library, which allows an attacker to send maliciously crafted responses to APDU commands through a malicious smartcard or USB devices, possibly resulting in an application cra...

Authentication Bypass

libopensc.so is vulnerable to Authentication Bypass. The vulnerability exists in the scpkcs15verifypin function of pkcs15-pin.c when a token or card is plugged into the system and authenticated by one process, but can be utilized for cryptographic operations by another process when an empty,...

Denial Of Service (DoS)

libopensc.so is vulnerable to denial of service DoS. It causes an out-of-bounds access due to the way it handles an ASN.1 Octet string in the function asn1decodeentry...

Memory Leak

libopensc.so is susceptible to memory leak. The vulnerability exists when sccontextcreate in ctx.c is invoked from eidenv.c...