CVE-2025-13763
published 2026-04-23CVE-2025-13763: Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB…
medium5.7CVSS 3.1
AVPACHPRNUINSUCHINAH
Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | opensc | < opensc 0.27.0~rc1-1 (forky) | opensc 0.27.0~rc1-1 (forky) |
| opensc | opensc | < 0.27.0 | 0.27.0 |
| opensc_project | opensc | — | — |