EPSS
Percentile
56.6%
libopenSC is vulnerable to denial of service (DoS). The vulnerability exists as libopensc/card-cac1.c does not properly handle the buffer limits for CAC certificates, causing an application crash.
libopensc/card-cac1.c
www.openwall.com/lists/oss-security/2019/12/29/1
bugs.chromium.org/p/oss-fuzz/issues/detail?id=18618
github.com/OpenSC/OpenSC/commit/b75c002cfb1fd61cd20ec938ff4937d7b1a94278
lists.fedoraproject.org/archives/list/[email protected]/message/NDSQLMZZYBHO5X3BK7D6E7E6NZIMZDI5/