First published: Sun Dec 01 2019(Updated: )
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opensc Project Opensc | <=0.19.0 | |
Opensc Project Opensc | =0.20.0-rc1 | |
Opensc Project Opensc | =0.20.0-rc2 | |
Opensc Project Opensc | =0.20.0-rc3 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Fedoraproject Fedora | =31 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-19479 is a vulnerability discovered in OpenSC through versions 0.19.0 and 0.20.x through 0.20.0-rc3, which allows for an incorrect read operation during parsing of a SETCOS file attribute in libopensc/card-setcos.c.
CVE-2019-19479 has a severity value of 5.5, which is considered medium.
CVE-2019-19479 affects OpenSC versions 0.19.0 and 0.20.x through 0.20.0-rc3, potentially leading to incorrect read operations during the parsing of a SETCOS file attribute.
To fix CVE-2019-19479, update your OpenSC installation to a version beyond 0.20.0-rc3.
More information about CVE-2019-19479 can be found at the following references: [1] [2] [3].