CVE-2021-42780

MEDIUM

OpenSC < 0.22.0 - Use-After-Free in insert_pin Function

Title source: llm

A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.

Core 6

Core References

Third Party Advisory vendor-advisory

Mailing List mailing-list

Issue Tracking, Mailing List, Patch, Third Party Advisory

Issue Tracking, Patch, Third Party Advisory

Patch, Third Party Advisory

Mailing List

CVSS v3 5.3

EPSS 0.0203

EPSS Percentile 78.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-252

Status published

Products (3)

fedoraproject/fedora 33

opensc_project/opensc < 0.22.0

redhat/enterprise_linux 7.0

Published Apr 18, 2022

Tracked Since Feb 18, 2026