CVE-2020-26570

Опубликовано: 06 окт. 2020

Источник: debian

EPSS Низкий

Описание

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

Пакет	Статус	Версия исправления	Релиз	Тип
opensc	fixed	0.21.0-1		package
opensc	fixed	0.19.0-1+deb10u1	buster	package

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316
https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e (0.21.0-rc1)

EPSS

Процентиль: 16%

0.00051

Низкий

CVE-2020-26570

CVSS3: 5.5

ubuntu

больше 4 лет назад

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

CVE-2020-26570

CVSS3: 6.4

redhat

больше 4 лет назад

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

CVE-2020-26570

CVSS3: 5.5

nvd

больше 4 лет назад

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

CVE-2020-26570

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

GHSA-547v-83cc-5hqg

github

около 3 лет назад

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

EPSS

Процентиль: 16%

0.00051

Низкий