CVE-2019-19480

Опубликовано: 23 окт. 2019

Источник: redhat

CVSS3: 4.6

EPSS Низкий

Описание

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.

Отчет

Please note that this issue was was introduced with https://github.com/OpenSC/OpenSC/commit/630d6adf32cecaab0ee184618f56497bd50400fb and fixed with https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7, therefore no release versions of opensc are affected by this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	opensc	Not affected
Red Hat Enterprise Linux 8	opensc	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1782950opensc: incorrect free operation in sc_pkcs15_decode_prkdf_entry in libopensc/pkcs15-prkey.c

EPSS

Процентиль: 42%

0.00199

Низкий

4.6 Medium

CVSS3

Связанные уязвимости

CVE-2019-19480

CVSS3: 4.6

ubuntu

около 6 лет назад

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.

CVE-2019-19480

CVSS3: 4.6

nvd

около 6 лет назад

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.

CVE-2019-19480

CVSS3: 4.6

debian

около 6 лет назад

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...

GHSA-x65v-c8ff-h2m3

github

больше 3 лет назад

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.

openSUSE-SU-2021:0565-1

suse-cvrf

почти 5 лет назад

Security update for opensc

EPSS

Процентиль: 42%

0.00199

Низкий

4.6 Medium

CVSS3