Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv3

CVE-2019-15946

Published: 05/09/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
CVSS v3 Base Score: 6.4 | Impact Score: 5.9 | Exploitability Score: 0.5
VMScore: 392
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Opensc Project

Vulnerability Summary

OpenSC prior to 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opensc project opensc

debian debian linux 8.0

debian debian linux 9.0

fedoraproject fedora 31

Vendor Advisories

Red Hat: Moderate: opensc security, bug fix, and enhancement update
Synopsis Moderate: opensc security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for opensc is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syst ...
Debian CVElist Bug Report Logs: opensc: CVE-2019-15946
Debian Bug report logs - #939669 opensc: CVE-2019-15946 Package: src:opensc; Maintainer for src:opensc is Debian OpenSC Maintainers <pkg-opensc-maint@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 7 Sep 2019 15:09:05 UTC Severity: important Tags: security, upstream Found ...
Amazon Linux 2: ALAS2-2023-2262
OpenSC before 0200-rc1 has an out-of-bounds access of an ASN1 Bitstring in decode_bit_string in libopensc/asn1c (CVE-2019-15945) OpenSC before 0200-rc1 has an out-of-bounds access of an ASN1 Octet string in asn1_decode_entry in libopensc/asn1c (CVE-2019-15946) An issue was discovered in OpenSC through 0190 and 020x through 0200-rc3 ...
Arch Linux Issues:
OpenSC before 0200-rc1 has an out-of-bounds access of an ASN1 Octet string in asn1_decode_entry in libopensc/asn1c ...

References

CWE-119https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740https://github.com/OpenSC/OpenSC/compare/f1691fc...12218d4https://lists.debian.org/debian-lts-announce/2019/09/msg00009.htmlhttp://www.openwall.com/lists/oss-security/2019/12/29/1https://lists.debian.org/debian-lts-announce/2021/11/msg00027.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDSQLMZZYBHO5X3BK7D6E7E6NZIMZDI5/https://access.redhat.com/errata/RHSA-2020:4483https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALAS-2023-2262.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook