5 matches found
Amazon Linux 2 : opencryptoki, --advisory ALAS2-2026-3283 (ALAS-2026-3283)
The version of opencryptoki installed on the remote host is prior to 3.7.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3283 advisory. openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to...
openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following
A flaw was found in openCryptoki, a PKCS11 library and tooling for Linux and AIX. A token-group user can exploit a symlink-following vulnerability by planting symbolic links in group-writable token directories. When an administrator runs a PKCS11 application or administrative tool as root, it may...
SUSE CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...