rpm package
suse/opensc&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-40661 | Med | 5.4 | < 0.19.0-150100.3.25.1 | 0.19.0-150100.3.25.1 | Nov 6, 2023 | Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and | |
| CVE-2023-40660 | Med | 6.6 | < 0.19.0-150100.3.25.1 | 0.19.0-150100.3.25.1 | Nov 6, 2023 | A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logo |
- affected < 0.19.0-150100.3.25.1fixed 0.19.0-150100.3.25.1
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and
- affected < 0.19.0-150100.3.25.1fixed 0.19.0-150100.3.25.1
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logo