Vulnerabilities > Opensc Project

DATE CVE VULNERABILITY TITLE RISK
2022-04-18 CVE-2021-42778 Operation on a Resource after Expiration or Release vulnerability in multiple products
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
network
low complexity
opensc-project fedoraproject redhat CWE-672
5.0
2022-04-18 CVE-2021-42779 Use After Free vulnerability in multiple products
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
network
low complexity
opensc-project fedoraproject redhat CWE-416
5.0
2022-04-18 CVE-2021-42780 Unchecked Return Value vulnerability in multiple products
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject redhat CWE-252
5.0
2022-04-18 CVE-2021-42781 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject redhat CWE-787
5.0
2022-04-18 CVE-2021-42782 Out-of-bounds Write vulnerability in multiple products
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject CWE-787
5.0
2020-10-06 CVE-2020-26572 Out-of-bounds Write vulnerability in multiple products
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.
2.1
2020-10-06 CVE-2020-26571 Out-of-bounds Write vulnerability in multiple products
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
2.1
2020-10-06 CVE-2020-26570 Out-of-bounds Write vulnerability in multiple products
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
2.1
2020-04-29 CVE-2019-20792 Double Free vulnerability in Opensc Project Opensc
OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
network
low complexity
opensc-project CWE-415
4.6
2020-01-30 CVE-2013-1866 Link Following vulnerability in Opensc Project Opensc
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability
6.3