Information on source package opensc

Available versions

ReleaseVersion
bullseye0.21.0-1
bookworm0.23.0-0.3+deb12u1
trixie0.25.1-2
sid0.25.1-2

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-45620vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in the pkcs15-init tool in OpenSC. An attack ...
CVE-2024-45619vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, min ...
CVE-2024-45618vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in pkcs15-init in OpenSC. An attacker could ...
CVE-2024-45617vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, min ...
CVE-2024-45616vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, min ...
CVE-2024-45615vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, min ...
CVE-2024-8443vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA heap-based buffer overflow vulnerability was found in the libopensc ...
CVE-2024-1454vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe use-after-free vulnerability was found in the AuthentIC driver in ...
CVE-2023-40661vulnerable (no DSA)fixedfixedfixedSeveral memory vulnerabilities were identified within the OpenSC packa ...
CVE-2023-40660vulnerable (no DSA)fixedfixedfixedA flaw was found in OpenSC packages that allow a potential PIN bypass. ...
CVE-2023-5992vulnerable (no DSA)vulnerable (no DSA)fixedfixedA vulnerability was found in OpenSC where PKCS#1 encryption padding re ...
CVE-2023-2977vulnerable (no DSA)fixedfixedfixedA vulnerbility was found in OpenSC. This security flaw cause a buffer ...
CVE-2021-42782vulnerable (no DSA)fixedfixedfixedStack buffer overflow issues were found in Opensc before version 0.22. ...
CVE-2021-42781vulnerable (no DSA)fixedfixedfixedHeap buffer overflow issues were found in Opensc before version 0.22.0 ...
CVE-2021-42780vulnerable (no DSA)fixedfixedfixedA use after return issue was found in Opensc before version 0.22.0 in ...
CVE-2021-42779vulnerable (no DSA)fixedfixedfixedA heap use after free issue was found in Opensc before version 0.22.0 ...
CVE-2021-42778vulnerable (no DSA)fixedfixedfixedA heap double free issue was found in Opensc before version 0.22.0 in ...
CVE-2021-34193vulnerable (no DSA)fixedfixedfixedStack overflow vulnerability in OpenSC smart card middleware before 0. ...

Resolved issues

BugDescription
CVE-2023-4535An out-of-bounds read vulnerability was found in OpenSC packages withi ...
CVE-2020-26572The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a ...
CVE-2020-26571The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 ...
CVE-2020-26570The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 ha ...
CVE-2019-20792OpenSC before 0.20.0 has a double free in coolkey_free_private_data be ...
CVE-2019-19481An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...
CVE-2019-19480An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...
CVE-2019-19479An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...
CVE-2019-15946OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet ...
CVE-2019-15945OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitst ...
CVE-2019-6502sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...
CVE-2018-16427Various out of bounds reads when handling responses in OpenSC before 0 ...
CVE-2018-16426Endless recursion when handling responses from an IAS-ECC card in iase ...
CVE-2018-16425A double free when handling responses from an HSM Card in sc_pkcs15emu ...
CVE-2018-16424A double free when handling responses in read_file in tools/egk-tool.c ...
CVE-2018-16423A double free when handling responses from a smartcard in sc_file_set_ ...
CVE-2018-16422A single byte buffer overflow when handling responses from an esteid C ...
CVE-2018-16421Several buffer overflows when handling responses from a CAC Card in ca ...
CVE-2018-16420Several buffer overflows when handling responses from an ePass 2003 Ca ...
CVE-2018-16419Several buffer overflows when handling responses from a Cryptoflex car ...
CVE-2018-16418A buffer overflow when handling string concatenation in util_acl_to_st ...
CVE-2018-16393Several buffer overflows when handling responses from a Gemsafe V1 Sma ...
CVE-2018-16392Several buffer overflows when handling responses from a TCOS Card in t ...
CVE-2018-16391Several buffer overflows when handling responses from a Muscle Card in ...
CVE-2010-4523Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 a ...
CVE-2009-1603src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used wit ...
CVE-2009-0368OpenSC before 0.11.7 allows physically proximate attackers to bypass i ...
CVE-2008-3972pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to ...
CVE-2008-2235OpenSC before 0.11.5 uses weak permissions (ADMIN file control informa ...

Security announcements

DSA / DLADescription
DLA-3668-1opensc - security update
DLA-3463-1opensc - security update
DLA-2832-1opensc - security update
DLA-2046-1opensc - security update
DLA-1916-1opensc - security update
DSA-1734-1opensc - information disclosure
DSA-1627-2opensc - smart card vulnerability

Search for package or bug name: Reporting problems