pkg:Debian/opensc

All known vulnerabilities

• HIGH7.5CVE-2021-34193opensc - security update
  from 0, < 0.21.0-1+deb11u1
• HIGH7.5CVE-2021-34193opensc - security update
  from 0, < 0.21.0-1+deb11u1
• HIGH7.5CVE-2019-6502opensc - security update
  from 0, < 0.20.0-1
• HIGH7.5opensc - security update
  from 0, < 0.19.0-1+deb10u2
• HIGH7.5src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with in…
  from 0, < 0.11.8
• HIGH7.1A vulnerbility was found in OpenSC.
  from 0, < 0.21.0-1+deb11u1
• MEDIUM6.8OpenSC is an open source smart card tools and middleware.
  from 0
• MEDIUM6.8OpenSC is an open source smart card tools and middleware.
  from 0
• MEDIUM6.8OpenSC is an open source smart card tools and middleware.
  from 0
• MEDIUM6.8OpenSC is an open source smart card tools and middleware.
  from 0
• MEDIUM6.8OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniquene…
  from 0, < 0.20.0-1
• MEDIUM6.8Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in Ope…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.8Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.8opensc - security update
  from 0, < 0.19.0~rc1-1
• MEDIUM6.8opensc - security update
  from 0, < 0.16.0-3+deb8u1
• MEDIUM6.6opensc - security update
  from 0, < 0.21.0-1+deb11u1
• MEDIUM6.6opensc - security update
  from 0, < 0.19.0-1+deb10u3
• MEDIUM6.6A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenS…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.6A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attack…
  from 0, < 0.19.0~rc1-1
• MEDIUM6.4Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init wh…
  from 0, < 0.21.0-1+deb11u1
• MEDIUM6.4OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.
  from 0, < 0.20.0-1
• MEDIUM6.4opensc - security update
  from 0, < 0.20.0-1
• MEDIUM6.4opensc - security update
  from 0, < 0.16.0-3+deb9u2
• MEDIUM5.9A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant.
  from 0, < 0.21.0-1+deb11u1
• MEDIUM5.7Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash.
  from 0
• MEDIUM5.5The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.
  from 0, < 0.21.0-1
• MEDIUM5.5The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
  from 0, < 0.21.0-1
• MEDIUM5.5The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
  from 0, < 0.21.0-1
• MEDIUM5.5opensc - security update
  from 0, < 0.16.0-3+deb8u2
• MEDIUM5.5opensc - security update
  from 0, < 0.20.0-1
• MEDIUM5.3Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the l…
  from 0, < 0.21.0-1+deb11u1
• MEDIUM5.3Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the…
  from 0, < 0.21.0-1+deb11u1
• MEDIUM5.3A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the l…
  from 0, < 0.21.0-1+deb11u1
• MEDIUM5.3A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
  from 0, < 0.21.0-1+deb11u1
• MEDIUM5.3A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
  from 0, < 0.21.0-1+deb11u1
• MEDIUM5.0A flaw has been found in OpenSC up to 0.26.1.
  from 0
• MEDIUM4.6An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3.
  from 0, < 0.19.0~rc1-1
• MEDIUM4.3A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
  from 0, < 0.21.0-1+deb11u1
• MEDIUM4.3Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcard…
  from 0, < 0.19.0~rc1-1
• MEDIUM4.3Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1…
  from 0, < 0.19.0~rc1-1
• LOW3.9A vulnerability was found in the pkcs15-init tool in OpenSC.
  from 0, < 0.21.0-1+deb11u1
• LOW3.9A vulnerability was found in pkcs15-init in OpenSC.
  from 0, < 0.21.0-1+deb11u1
• LOW3.9A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
  from 0, < 0.21.0-1+deb11u1
• LOW3.9A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
  from 0, < 0.21.0-1+deb11u1
• LOW3.9A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
  from 0, < 0.21.0-1+deb11u1
• LOW3.8An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption.
  from 0, < 0.23.0-0.3+deb12u1
• LOW3.4The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-…
  from 0, < 0.21.0-1+deb11u1
• LOW2.9A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver.
  from 0, < 0.21.0-1+deb11u1
• —Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary…
  from 0, < 0.11.13-1.1
• —opensc - information disclosure
  from 0, < 0.11.4-5+lenny1
• —opensc - information disclosure
  from 0, < 0.11.7-1
• —pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, wh…
  from 0, < 0.11.4-5
• —opensc - smart card vulnerability
  from 0, < 0.11.1-2etch2
• —opensc - smart card vulnerability
  from 0, < 0.11.4-4