OSV-2022-1188

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/opensc/OSV-2022-1188.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-1188
Published
2022-11-20T13:01:57.719130Z
Modified
2024-11-13T14:13:07.991506Z
Summary
Stack-buffer-overflow in authentic_get_tagged_data
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53536

Crash type: Stack-buffer-overflow READ 1
Crash state:
authentic_get_tagged_data
authentic_parse_credential_data
authentic_pin_get_policy
References

Affected packages

OSS-Fuzz / opensc

Package

Name
opensc
Purl
pkg:generic/opensc

Affected ranges

Type
GIT
Repo
https://github.com/OpenSC/OpenSC
Events
Introduced
847ccabd898f31d2ade49cbfd11fef083ee9e84a

Affected versions

0.*

0.23.0
0.23.0-rc1
0.23.0-rc2
0.24.0
0.24.0-rc1
0.24.0-rc2
0.25.0
0.25.0-rc1
0.25.1
0.26.0
0.26.0-rc1

Ecosystem specific 

{
    "severity": null
}