Opensc Security Vulnerabilities and Issues — Opensc CVE List

Lucene search

Opensc ProjectOpensc

4 matches found

CVE•added 2023/06/01 1:15 a.m.•129 views

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining l...

7.1CVSS6.7AI score0.0002EPSS

CVE•added 2019/01/22 8:29 a.m.•94 views

CVE-2019-6502

sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.

7.5CVSS6.5AI score0.00193EPSS

CVE•added 2023/08/22 7:16 p.m.•53 views

CVE-2021-34193

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.

7.5CVSS7.5AI score0.00411EPSS

CVE•added 2019/09/06 6:15 p.m.•35 views

CVE-2019-16058

An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme.

7.5CVSS7.6AI score0.00354EPSS