309 matches found
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
AZL-75360 CVE-2026-23893 affecting package opencryptoki 3.17.0-1
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
AZL-75381 CVE-2026-23893 affecting package opencryptoki 3.24.0-3
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
DEBIAN-CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
UBUNTU-CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
EUVD-2026-4203
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893
CVE-2026-23893 affects openCryptoki (PKCS#11 library) versions 2.3.2 and above. The issue is a symlink-following vulnerability in privileged contexts: a token-group member can plant files/symlinks in group-writable token directories, enabling privilege escalation or data exposure. When run as roo...
CVE-2026-23893 openCryptoki has improper link resolution before file access (link following)
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
openCryptoki backend link vulnerability
openCryptoki is an open-source library and tool for Linux that utilizes the PKCS11 standard. Versions of openCryptoki 2.3.2 and later contain a post-release vulnerability due to a symbolic link (symlink) following issue when running in privileged environments. This vulnerability could lead to privilege escalation o...
Azure Linux 3.0 Security Update: opencryptoki (CVE-2024-0914)
The version of opencryptoki installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0914 advisory. - A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RS...
MiracleLinux 9 : opencryptoki-3.21.0-9.el9_3.ML.1 (AXSA:2024-7597:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7597:01 advisory. opencryptoki: timing side-channel in handling of RSA PKCS1 v1.5 padded ciphertexts Marvin CVE-2024-0914 Tenable has extracted the preceding description block...
MiracleLinux 8 : opencryptoki-3.21.0-10.el8_9.ML.1 (AXSA:2024-7646:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7646:02 advisory. opencryptoki: timing side-channel in handling of RSA PKCS1 v1.5 padded ciphertexts Marvin CVE-2024-0914 Tenable has extracted the preceding description block...
SUSE CVE-2026-22791
openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...
openCryptoki-3.26.0-3.1 on GA media (moderate)
openCryptoki-3.26.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10048-1 Rating: moderate Cross-References: CVE-2026-22791 CVSS scores: CVE-2026-22791 SUSE : 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2026-22791 SUSE : 6.9...
Linux Distros Unpatched Vulnerability : CVE-2026-22791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP...