Lucene search
Veracode Vulnerability DatabaseVERACODE:21132HistoryAug 08, 2019 - 12:07 a.m.
Buffer Overflows
2019-08-0800:07:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
45.1%
opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c.
| CPE | Name | Operator | Version |
|---|---|---|---|
| opensc | eq | 0.16.0__10.20170227git777e2a3.el7 | |
| opensc | eq | 0.16.0__10.20170227git777e2a3.el7 |
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
access.redhat.com/errata/RHSA-2019:2154
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1656791
bugzilla.redhat.com/show_bug.cgi?id=1672898
github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-a6074523a9cbd875e26c58e20868fb15
github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1
www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
Related
nvd
nvd
CVE-2018-16419
2018-09-04 00:29:00
CVE-2018-1000672
2018-09-05 06:29:00
alpinelinux
alpinelinux
CVE-2018-16419
2018-09-04 00:29:00
osv
osv
CVE-2018-16419
2018-09-04 00:29:00
opensc - security update
2019-09-11 00:00:00
ubuntucve
ubuntucve
CVE-2018-16419
2018-09-04 00:00:00
prion
prion
Buffer overflow
2018-09-04 00:29:00
debiancve
debiancve
CVE-2018-16419
2018-09-04 00:29:00
cvelist
cvelist
CVE-2018-16419
2018-09-04 00:00:00
redhatcve
redhatcve
CVE-2018-16419
2018-09-12 05:49:38
cve
cve
CVE-2018-16419
2018-09-04 00:29:00
CVE-2018-1000672
2022-10-03 16:21:59
nessus
nessus
SUSE SLES11 Security Update : opensc (SUSE-SU-2018:3621-1)
2018-11-06 00:00:00
SUSE SLED12 / SLES12 Security Update : opensc (SUSE-SU-2018:3622-1)
2018-11-06 00:00:00
SUSE SLED12 / SLES12 Security Update : opensc (SUSE-SU-2018:3622-2)
2018-12-11 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:3621-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3622-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3622-2)
2021-04-19 00:00:00
suse
suse
Security update for opensc (moderate)
2018-11-10 00:17:23
Security update for opensc (moderate)
2018-11-10 00:27:22
mageia
mageia
Updated opensc packages fix security vulnerabilities
2019-01-09 00:50:23
redhat
redhat
(RHSA-2019:2154) Moderate: opensc security, bug fix, and enhancement update
2019-08-06 08:07:23
centos
centos
opensc security update
2019-08-30 03:47:57
oraclelinux
oraclelinux
opensc security, bug fix, and enhancement update
2019-08-13 00:00:00
amazon
amazon
Medium: opensc
2019-10-08 22:01:00
fedora
fedora
[SECURITY] Fedora 28 Update: opensc-0.19.0-1.fc28
2018-10-05 17:12:11
[SECURITY] Fedora 29 Update: opensc-0.19.0-1.fc29
2018-10-05 16:07:00
debian
debian
[SECURITY] [DLA 1916-1] opensc security update
2019-09-11 19:53:49