Opensc@* Security Vulnerabilities and Issues — Opensc@* CVE List

Lucene search

Opensc ProjectOpensc*

4 matches found

CVE•added 2023/11/06 5:15 p.m.•401 views

CVE-2023-40661

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-cra...

6.4CVSS6AI score0.00306EPSS

CVE•added 2023/11/06 5:15 p.m.•127 views

CVE-2023-40660

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and...

6.6CVSS6.2AI score0.00037EPSS

CVE•added 2023/06/01 1:15 a.m.•126 views

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining l...

7.1CVSS6.7AI score0.0002EPSS

CVE•added 2023/08/22 7:16 p.m.•53 views

CVE-2021-34193

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.

7.5CVSS7.5AI score0.00411EPSS