Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cf2w-h975-2fpg

Опубликовано: 04 сент. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 3.9

Описание

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

Ссылки

EPSS

Процентиль: 17%
0.00055
Низкий

3.9 Low

CVSS3

CVE ID

CVE-2024-45617

Дефекты

CWE-457
CWE-908

Связанные уязвимости

ubuntu логотип

CVE-2024-45617

CVSS3: 3.9
ubuntu
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.

redhat логотип

CVE-2024-45617

CVSS3: 3.9
redhat
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.

nvd логотип

CVE-2024-45617

CVSS3: 3.9
nvd
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.

debian логотип

CVE-2024-45617

CVSS3: 3.9
debian
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, min ...

fstec логотип

BDU:2024-11092

CVSS3: 3.9
fstec
10 месяцев назад

Уязвимость утилиты персонализации смарт-карт pkcs15-init и библиотеки libopensc набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 17%
0.00055
Низкий

3.9 Low

CVSS3

CVE ID

CVE-2024-45617

Дефекты

CWE-457
CWE-908