Opencryptoki_project Opencryptoki

7 CVEs affecting Opencryptoki_project Opencryptoki. Latest disclosed: 2026-04-16. Critical: 0, High: 0.

Top CVEs affecting Opencryptoki_project Opencryptoki
CVESeverityScorePublishedSummary
CVE-2026-40253Medium6.82026-04-16openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common lib…
CVE-2026-23893Medium6.82026-01-22openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileg…
CVE-2026-22791Medium6.62026-01-13openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP…
CVE-2024-0914Medium5.92024-01-31A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potent…
CVE-2021-3798Medium5.52022-08-23A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_Der…
CVE-2012-44552012-10-10openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) L…
CVE-2012-44542012-10-10openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the…