Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/20 12:0 a.m.35 views

Amazon Linux 2 : opensc (ALAS-2023-2262)

The version of opensc installed on the remote host is prior to 0.19.0-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2262 advisory. OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c...

6.8CVSS6.9AI score0.007EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.36 views

EulerOS 2.0 SP3 : opensc (EulerOS-SA-2022-1752)

According to the versions of the opensc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

6.8CVSS6.8AI score0.007EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/04/19 12:0 a.m.36 views

openSUSE Security Update : opensc (openSUSE-2021-565)

This update for opensc fixes the following issues : - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decodebitstring bsc1149746. - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry bsc1149747 - CVE-2019-19479: Fixed an incorrect read...

6.8CVSS6.3AI score0.007EPSS
Exploits2References16
OPENSUSE Linux
OPENSUSE Linux
added 2021/04/16 12:0 a.m.36 views

Security update for opensc (moderate)

openSUSE Security Update: Security update for opensc Announcement ID: openSUSE-SU-2021:0565-1 Rating: moderate References: 1149746 1149747 1158256 1158307 1170809 1177364 1177378 1177380 Cross-References: CVE-2019-15945 CVE-2019-15946 CVE-2019-19479 CVE-2019-19480 CVE-2019-20792 CVE-2020-26570...

6.2CVSS7.5AI score0.007EPSS
Exploits2References8
Mageia
Mageia
added 2021/01/17 4:7 p.m.51 views

Updated opensc packages fix security vulnerabilities

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile CVE-2020-26570. The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit CVE-2020-26571. The TCOS...

5.5CVSS3.3AI score0.00401EPSS
Exploits0References2
CVE
CVE
added 2020/10/06 1:4 a.m.287 views

CVE-2020-26570

OpenSC CVE-2020-26570 involves a heap-based buffer overflow in the Oberthur smart card driver (sc_oberthur_read_file). Affected OpenSC versions are before 0.21.0-rc1; multiple advisories recommend upgrading to 0.21.0-1 or newer. Impact is a potential compromise via crafted card data; remediation ...

5.5CVSS5.6AI score0.00398EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder