漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
OpenSC: Out of Bounds vulnerability
Vulnerability Description
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields() allocates a zero-length buffer and then reads one byte past the end of that allocation. This issue has been patched in version 0.27.0.
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
跨界内存读
Vulnerability Title
OpenSC 缓冲区错误漏洞
Vulnerability Description
OpenSC是OpenSC开源的一款开源的智能卡工具和中间件。 OpenSC 0.27.0之前版本存在缓冲区错误漏洞,该漏洞源于X.509/SPKI处理路径中存在越界堆读取,可能导致内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A