rpm package
suse/openCryptoki&distro=SUSE Linux Enterprise Micro 5.4
pkg:rpm/suse/openCryptoki&distro=SUSE%20Linux%20Enterprise%20Micro%205.4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-40253 | Med | 6.8 | < 3.17.0-150400.4.16.1 | 3.17.0-150400.4.16.1 | Apr 16, 2026 | openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields withou | |
| CVE-2026-23893 | — | < 3.17.0-150400.4.11.1 | 3.17.0-150400.4.11.1 | Jan 22, 2026 | openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in grou |
- affected < 3.17.0-150400.4.16.1fixed 3.17.0-150400.4.16.1
openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields withou
- CVE-2026-23893Jan 22, 2026affected < 3.17.0-150400.4.11.1fixed 3.17.0-150400.4.11.1
openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in grou