Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:opensc:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductOpensc (92130f95-ecb5-5721-af41-ca14a19c0f75)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-2977 vulnerable 2026-06-08 06:02:43.731341 Details available
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
Published: 2023-06-01T00:00:00.000Z
Updated: 2025-11-03T21:47:59.585Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-42782 vulnerable 2026-06-08 05:35:22.933066 Details available
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
Published: 2022-04-18T00:00:00.000Z
Updated: 2025-11-03T21:45:32.737Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-42781 vulnerable 2026-06-08 05:35:22.932521 Details available
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
Published: 2022-04-18T00:00:00.000Z
Updated: 2025-11-03T21:45:30.959Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-42780 vulnerable 2026-06-08 05:35:22.931978 Details available
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
Published: 2022-04-18T00:00:00.000Z
Updated: 2025-11-03T21:45:29.452Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-42779 vulnerable 2026-06-08 05:35:22.931346 Details available
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
Published: 2022-04-18T00:00:00.000Z
Updated: 2025-11-03T21:45:27.939Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-42778 vulnerable 2026-06-08 05:35:22.929838 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.