CVE-2024-45615

CVE-2024-45615

Name

CVE-2024-45615

Description

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vdb-entry	https://access.redhat.com/security/cve/CVE-2024-45615
issue-tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2309285
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html

Type

URI

vdb-entry

https://access.redhat.com/security/cve/CVE-2024-45615

issue-tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2309285

af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html

CPE URI	Source package	Min version	Max version
	shopxo	>= 0	< 0.26.0

CPE URI

Source package

Min version

Max version

shopxo

>= 0

< 0.26.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
opensc	edge-community	0.26.0-r0	Timo Teräs <timo.teras@iki.fi>	fixed
opensc	3.22-community	0.26.0-r0	Timo Teräs <timo.teras@iki.fi>	fixed
opensc	3.21-community	0.26.0-r0	Timo Teräs <timo.teras@iki.fi>	fixed

Source package

Branch

Version

Maintainer

Status

opensc

edge-community

0.26.0-r0

Timo Teräs <timo.teras@iki.fi>

fixed

opensc

3.22-community