Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2019-20792

Published: 29/04/2020 Updated: 26/05/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.8 | Impact Score: 5.9 | Exploitability Score: 0.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Opensc

Vulnerability Summary

OpenSC prior to 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opensc project opensc

Vendor Advisories

Red Hat: Moderate: opensc security, bug fix, and enhancement update
Synopsis Moderate: opensc security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for opensc is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syst ...
Amazon Linux 2: ALAS2-2023-2262
OpenSC before 0200-rc1 has an out-of-bounds access of an ASN1 Bitstring in decode_bit_string in libopensc/asn1c (CVE-2019-15945) OpenSC before 0200-rc1 has an out-of-bounds access of an ASN1 Octet string in asn1_decode_entry in libopensc/asn1c (CVE-2019-15946) An issue was discovered in OpenSC through 0190 and 020x through 0200-rc3 ...

References

CWE-415https://github.com/OpenSC/OpenSC/compare/0.19.0...0.20.0https://github.com/OpenSC/OpenSC/commit/c246f6f69a749d4f68626b40795a4f69168008f4https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19208https://access.redhat.com/errata/RHSA-2020:4483https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALAS-2023-2262.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook