VYPR

rpm package

suse/opensc&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3

pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Vulnerabilities (2)

  • CVE-2023-40661MedNov 6, 2023
    affected < 0.19.0-150100.3.25.1fixed 0.19.0-150100.3.25.1

    Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and

  • CVE-2023-40660MedNov 6, 2023
    affected < 0.19.0-150100.3.25.1fixed 0.19.0-150100.3.25.1

    A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logo