VDB
CVE-2021-42778
CVE-2021-42778
PUBLISHED
CVSS 5 MEDIUM
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
EPSS 0.13% · 32.1th percentile
Risk Scores
CVSS v2.0
5
EPSS Score
0.13%
32.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fedoraproject | fedora | 33 |
| opensc_project | opensc | 0 |
| redhat | enterprise_linux | 7.0, 8.0 |
| n/a | opensc | opensc 0.22.0 |
Timeline
- Apr 18, 2022 CVE Published
- Apr 19, 2022 EPSS Score
- Jun 8, 2022 EPSS Score
- Jul 29, 2022 EPSS Score
- Sep 17, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Dec 26, 2022 EPSS Score
- Feb 14, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 5, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 14, 2023 EPSS Score
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2016083 url
- https://github.com/OpenSC/OpenSC/commit/f015746d url
- GLSA-202209-03 vendor-advisory
- https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html url
- https://nvd.nist.gov/vuln/detail/CVE-2021-42778 advisory