CVE-2018-16427

Опубликовано: 04 сент. 2018

Источник: debian

EPSS Низкий

Описание

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
opensc	fixed	0.19.0~rc1-1		package
opensc	fixed	0.16.0-3+deb9u1	stretch	package

Примечания

https://github.com/OpenSC/OpenSC/pull/1447/commits/8fe377e93b4b56060e5bbfb6f3142ceaeca744fa
https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/

EPSS

Процентиль: 39%

0.00178

Низкий

Связанные уязвимости

CVE-2018-16427

CVSS3: 4.3

ubuntu

больше 7 лет назад

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

CVE-2018-16427

CVSS3: 4.3

redhat

больше 7 лет назад

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

CVE-2018-16427

CVSS3: 4.3

nvd

больше 7 лет назад

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

GHSA-35jr-36cj-2w6g

CVSS3: 4.3

github

больше 3 лет назад

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

SUSE-SU-2018:3621-1

suse-cvrf

больше 7 лет назад

Security update for opensc

EPSS

Процентиль: 39%

0.00178

Низкий