VYPR

rpm package

suse/opensc&distro=SUSE Linux Enterprise Server for SAP applications 16.0

pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0

Vulnerabilities (4)

  • CVE-2025-66215LowMar 30, 2026
    affected < 0.26.1-160000.3.1fixed 0.26.1-160000.3.1

    OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or s

  • CVE-2025-66038LowMar 30, 2026
    affected < 0.26.1-160000.3.1fixed 0.26.1-160000.3.1

    OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the enc

  • CVE-2025-66037LowMar 30, 2026
    affected < 0.26.1-160000.3.1fixed 0.26.1-160000.3.1

    OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields() allo

  • CVE-2025-49010LowMar 30, 2026
    affected < 0.26.1-160000.3.1fixed 0.26.1-160000.3.1

    OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or sm