CVE-2019-15946: OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.

medium6.4CVSS 3.1

AVPACHPRNUINSUCHIHAH

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.

12 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	opensc	< opensc 0.20.0-1 (bookworm)	opensc 0.20.0-1 (bookworm)
fedoraproject	fedora	—	—
opensc_project	opensc	<= 0.19.0	—
opensc_project	opensc	>= 0 < 0.20.0-1	0.20.0-1
opensc_project	opensc	>= 0 < 0.20.0-1	0.20.0-1
opensc_project	opensc	>= 0 < 0.20.0-1	0.20.0-1
opensc_project	opensc	>= 0 < 0.20.0-1	0.20.0-1
opensc_project	opensc	>= 0 < 0.15.0-1ubuntu1+esm1	0.15.0-1ubuntu1+esm1
opensc_project	opensc	>= 0 < 0.17.0-3ubuntu0.1~esm1	0.17.0-3ubuntu0.1~esm1
opensc_project	opensc	>= 0 < 0.20.0-3ubuntu0.1~esm1	0.20.0-3ubuntu0.1~esm1

nvdv3.16.4MEDIUMCVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

osv6.4MEDIUM