CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-42778
https://notcve.org/view.php?id=CVE-2021-42778
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. Se ha encontrado un problema de doble liberación de la pila en Opensc versiones anteriores a 0.22.0, en la función sc_pkcs15_free_tokeninfo • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185 https://bugzilla.redhat.com/show_bug.cgi?id=2016083 https://github.com/OpenSC/OpenSC/commit/f015746d https://security.gentoo.org/glsa/202209-03 • CWE-415: Double Free CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-42779
https://notcve.org/view.php?id=CVE-2021-42779
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. Se encontró un problema de uso de memoria previamente liberada de la pila en Opensc versiones anteriores a 0.22.0, en la función sc_file_valid • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843 https://bugzilla.redhat.com/show_bug.cgi?id=2016086 https://github.com/OpenSC/OpenSC/commit/1db88374 https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html https://security.gentoo.org/glsa/202209-03 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-42780
https://notcve.org/view.php?id=CVE-2021-42780
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. Se ha encontrado un problema de tipo use after return En Opensc versiones anteriores a 0.22.0, en la función insert_pin que podría bloquear los programas que usan la biblioteca • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383 https://bugzilla.redhat.com/show_bug.cgi?id=2016139 https://github.com/OpenSC/OpenSC/commit/5df913b7 https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html https://security.gentoo.org/glsa/202209-03 • CWE-252: Unchecked Return Value •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-42781
https://notcve.org/view.php?id=CVE-2021-42781
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. Se han encontrado problemas de desbordamiento del búfer de la pila en Opensc versiones anteriores a 0.22.0 en el archivo pkcs15-oberthur.c que podrían bloquear los programas usando la biblioteca • https://bugzilla.redhat.com/show_bug.cgi?id=2016439 https://github.com/OpenSC/OpenSC/commit/05648b06 https://github.com/OpenSC/OpenSC/commit/17d8980c https://github.com/OpenSC/OpenSC/commit/40c50a3a https://github.com/OpenSC/OpenSC/commit/5d4daf6c https://github.com/OpenSC/OpenSC/commit/cae5c71f https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html https://security.gentoo.org/glsa/202209-03 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1304 – e2fsprogs: out-of-bounds read/write via crafted filesystem
https://notcve.org/view.php?id=CVE-2022-1304
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. Se ha encontrado una vulnerabilidad de lectura/escritura fuera de límites en e2fsprogs versión 1.46.5. Este problema conlleva a un fallo de segmentación y posiblemente una ejecución de código arbitrario por medio de un sistema de archivos especialmente diseñado An out-of-bounds read/write vulnerability was found in e2fsprogs. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. • https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://access.redhat.com/security/cve/CVE-2022-1304 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •