pkg:Debian/opensc
60 total CVEsHIGH6MEDIUM40LOW8
✅ Check your installed version
All known vulnerabilities
- from 0, < 0.21.0-1+deb11u1
- from 0, < 0.21.0-1+deb11u1
- from 0, < 0.20.0-1
- from 0, < 0.19.0-1+deb10u2
- HIGH7.5CVE-2009-1603src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with in…from 0, < 0.11.8
- from 0, < 0.21.0-1+deb11u1
- from 0
- from 0
- from 0
- from 0
- MEDIUM6.8CVE-2019-20792OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniquene…from 0, < 0.20.0-1
- MEDIUM6.8CVE-2018-16393Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in Ope…from 0, < 0.19.0~rc1-1
- MEDIUM6.8CVE-2018-16392Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1…from 0, < 0.19.0~rc1-1
- from 0, < 0.19.0~rc1-1
- from 0, < 0.16.0-3+deb8u1
- from 0, < 0.21.0-1+deb11u1
- from 0, < 0.19.0-1+deb10u3
- MEDIUM6.6CVE-2018-16425A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16424A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16423A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16422A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenS…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16421Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16420Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16419Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19…from 0, < 0.19.0~rc1-1
- MEDIUM6.6CVE-2018-16418A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attack…from 0, < 0.19.0~rc1-1
- MEDIUM6.4CVE-2023-40661Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init wh…from 0, < 0.21.0-1+deb11u1
- MEDIUM6.4CVE-2019-15946OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.from 0, < 0.20.0-1
- from 0, < 0.20.0-1
- from 0, < 0.16.0-3+deb9u2
- MEDIUM5.9CVE-2023-5992A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant.from 0, < 0.21.0-1+deb11u1
- MEDIUM5.7CVE-2025-13763Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash.from 0
- MEDIUM5.5CVE-2020-26572The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.from 0, < 0.21.0-1
- MEDIUM5.5CVE-2020-26571The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.from 0, < 0.21.0-1
- MEDIUM5.5CVE-2020-26570The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.from 0, < 0.21.0-1
- from 0, < 0.16.0-3+deb8u2
- from 0, < 0.20.0-1
- MEDIUM5.3CVE-2021-42782Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the l…from 0, < 0.21.0-1+deb11u1
- MEDIUM5.3CVE-2021-42781Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the…from 0, < 0.21.0-1+deb11u1
- MEDIUM5.3CVE-2021-42780A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the l…from 0, < 0.21.0-1+deb11u1
- MEDIUM5.3CVE-2021-42779A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.from 0, < 0.21.0-1+deb11u1
- MEDIUM5.3CVE-2021-42778A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.from 0, < 0.21.0-1+deb11u1
- from 0
- MEDIUM4.6CVE-2019-19481An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3.from 0, < 0.19.0~rc1-1
- MEDIUM4.3CVE-2024-45619A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.from 0, < 0.21.0-1+deb11u1
- MEDIUM4.3CVE-2018-16427Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcard…from 0, < 0.19.0~rc1-1
- MEDIUM4.3CVE-2018-16426Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1…from 0, < 0.19.0~rc1-1
- from 0, < 0.21.0-1+deb11u1
- from 0, < 0.21.0-1+deb11u1
- LOW3.9CVE-2024-45617A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.from 0, < 0.21.0-1+deb11u1
- LOW3.9CVE-2024-45616A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.from 0, < 0.21.0-1+deb11u1
- LOW3.9CVE-2024-45615A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.from 0, < 0.21.0-1+deb11u1
- LOW3.8CVE-2023-4535An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption.from 0, < 0.23.0-0.3+deb12u1
- LOW3.4CVE-2024-1454The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-…from 0, < 0.21.0-1+deb11u1
- LOW2.9CVE-2024-8443A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver.from 0, < 0.21.0-1+deb11u1
- —CVE-2010-4523Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary…from 0, < 0.11.13-1.1
- from 0, < 0.11.4-5+lenny1
- from 0, < 0.11.7-1
- —CVE-2008-3972pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, wh…from 0, < 0.11.4-5
- from 0, < 0.11.1-2etch2
- from 0, < 0.11.4-4