14 lines
1.3 KiB
JSON
14 lines
1.3 KiB
JSON
{
|
||
"id": "openEuler-SA-2022-1664",
|
||
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1664",
|
||
"title": "An update for opensc is now available for openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
||
"severity": "Moderate",
|
||
"description": "OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to smart cards, e.g. PKCS#11 API, Windows’ Smart Card Minidriver and macOS Tokend.\r\n\r\nSecurity Fix(es):\r\n\r\nA heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.(CVE-2021-42778)\n\nA use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.(CVE-2021-42780)\n\nStack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.(CVE-2021-42782)",
|
||
"cves": [
|
||
{
|
||
"id": "CVE-2021-42782",
|
||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42782",
|
||
"severity": "Moderate"
|
||
}
|
||
]
|
||
} |