Information on source package opensc

Available versions

ReleaseVersion
stretch0.16.0-3+deb9u1
buster0.19.0-1
bullseye0.21.0-1
bookworm0.22.0-1
sid0.22.0-1

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2020-26572vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a ...
CVE-2020-26571vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 ...
CVE-2020-26570vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe Oberthur smart card software driver in OpenSC before 0.21.0-rc1 ha ...
CVE-2019-20792vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedOpenSC before 0.20.0 has a double free in coolkey_free_private_data be ...
CVE-2019-19479vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...
CVE-2019-15946vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedOpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet ...
CVE-2019-15945vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedOpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitst ...

Open unimportant issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2019-6502vulnerablevulnerablefixedfixedfixedsc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...

Resolved issues

BugDescription
CVE-2019-19481An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...
CVE-2019-19480An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...
CVE-2018-16427Various out of bounds reads when handling responses in OpenSC before 0 ...
CVE-2018-16426Endless recursion when handling responses from an IAS-ECC card in iase ...
CVE-2018-16425A double free when handling responses from an HSM Card in sc_pkcs15emu ...
CVE-2018-16424A double free when handling responses in read_file in tools/egk-tool.c ...
CVE-2018-16423A double free when handling responses from a smartcard in sc_file_set_ ...
CVE-2018-16422A single byte buffer overflow when handling responses from an esteid C ...
CVE-2018-16421Several buffer overflows when handling responses from a CAC Card in ca ...
CVE-2018-16420Several buffer overflows when handling responses from an ePass 2003 Ca ...
CVE-2018-16419Several buffer overflows when handling responses from a Cryptoflex car ...
CVE-2018-16418A buffer overflow when handling string concatenation in util_acl_to_st ...
CVE-2018-16393Several buffer overflows when handling responses from a Gemsafe V1 Sma ...
CVE-2018-16392Several buffer overflows when handling responses from a TCOS Card in t ...
CVE-2018-16391Several buffer overflows when handling responses from a Muscle Card in ...
CVE-2010-4523Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 a ...
CVE-2009-1603src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used wit ...
CVE-2009-0368OpenSC before 0.11.7 allows physically proximate attackers to bypass i ...
CVE-2008-3972pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to ...
CVE-2008-2235OpenSC before 0.11.5 uses weak permissions (ADMIN file control informa ...

Security announcements

DSA / DLADescription
DLA-2046-1opensc - security update
DLA-1916-1opensc - security update
DSA-1734-1opensc - information disclosure
DSA-1627-2opensc - smart card vulnerability

Search for package or bug name: Reporting problems