Vulnerability CVE-2008-2235 - CERT Civis.Net

Vulnerability Name:

CVE-2008-2235 (CCN-44140)

Assigned:

2008-07-31

Published:

2008-07-31

Updated:

2017-08-08

Summary:

OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Other

References:

Source: MITRE
Type: CNA
CVE-2008-2235

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:019

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:004

Source: CCN
Type: SA31330
OpenSC CardOS Improper Initialization Security Issue

Source: SECUNIA
Type: UNKNOWN
31330

Source: SECUNIA
Type: UNKNOWN
31360

Source: SECUNIA
Type: UNKNOWN
32099

Source: SECUNIA
Type: UNKNOWN
33115

Source: SECUNIA
Type: UNKNOWN
34362

Source: GENTOO
Type: UNKNOWN
GLSA-200812-09

Source: DEBIAN
Type: DSA-1627
opensc -- programming error

Source: CCN
Type: GLSA-200812-09
OpenSC: Insufficient protection of smart card PIN

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:183

Source: MLIST
Type: UNKNOWN
[opensc-announce] 20080731 OpenSC Security Vulnerability and new Versions of OpenSC, OpenCT, LibP11, Pam_P11, Engine_PKCS11

Source: CCN
Type: OpenSC Security Advisory [31-Jul-2008]
OpenSC initializes CardOS cards with improper access rights

Source: CONFIRM
Type: UNKNOWN
http://www.opensc-project.org/security.html

Source: CCN
Type: OSVDB ID: 47543
OpenSC on Siemens CardOS M4 ADMIN File Permission Weakness PIN Manipulation

Source: CCN
Type: OSVDB ID: 48468
OpenSC pkcs15-tool Card Label Matching Weakness Update Failure

Source: BID
Type: Patch
30473

Source: CCN
Type: BID-30473
OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability

Source: XF
Type: UNKNOWN
opensc-smartcard-cryptotoken-weak-security(44140)

Source: XF
Type: UNKNOWN
opensc-smartcard-cryptotoken-weak-security(44140)

Source: DEBIAN
Type: UNKNOWN
DSA-1627

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-2267

Source: SUSE
Type: SUSE-SR:2008:019
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:004
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/o:siemens:cardos:m4:*:*:*:*:*:*:*

AND

cpe:/a:opensc-project:opensc:0.3.2:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.3.5:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.4.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.6.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.7.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.8:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.8.0.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.8.1:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.6:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.7:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.7:b:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.7:d:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.8:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.1:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.2:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.3:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.3:pre3:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.4:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:opensc-project:opensc:0.11.3:pre3:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.3:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.4:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.2:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.11.1:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.8:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.6:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.8:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.7:d:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.7:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.8.1:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.8.0.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.9.7:b:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.3.5:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.4.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.6.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.7.0:*:*:*:*:*:*:*

OR cpe:/a:opensc-project:opensc:0.3.2:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20082235	V	CVE-2008-2235	2022-06-30
oval:org.opensuse.security:def:42368	P	Security update for the Linux Kernel (Important)	2022-04-13
oval:org.opensuse.security:def:113061	P	opensc-0.21.0-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31372	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:26180	P	Security update for php74 (Moderate)	2021-12-06
oval:org.opensuse.security:def:31311	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:26153	P	Security update for git (Low)	2021-10-20
oval:org.opensuse.security:def:32204	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:26141	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:106501	P	opensc-0.21.0-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31280	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:31683	P	Security update for ghostscript (Critical)	2021-09-21
oval:org.opensuse.security:def:32182	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:31679	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:31672	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:31671	P	Security update for openssl (Important)	2021-08-24
oval:org.opensuse.security:def:26096	P	Security update for php72 (Moderate)	2021-07-29
oval:org.opensuse.security:def:31237	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32143	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:31226	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:31225	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:26089	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:26088	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:31646	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:32125	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:26078	P	Security update for libxml2 (Moderate)	2021-06-18
oval:org.opensuse.security:def:26077	P	Security update for apache2 (Important)	2021-06-17
oval:org.opensuse.security:def:36528	P	opensc-devel-0.11.6-5.27.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42612	P	libopensc2-0.11.6-5.27.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36205	P	libopensc2-0.11.6-5.27.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32925	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:32094	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:26039	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:26040	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:26026	P	Security update for cifs-utils (Moderate)	2021-04-13
oval:org.opensuse.security:def:31148	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:42165	P	Security update for tar (Low)	2021-03-29
oval:org.opensuse.security:def:32281	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:31738	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:31728	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:32248	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:26190	P	Security update for MozillaFirefox (Low)	2021-02-10
oval:org.opensuse.security:def:26084	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:35758	P	libopensc2-0.11.6-5.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42001	P	libopensc2-0.11.6-5.25.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35961	P	libopensc2-0.11.6-5.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35594	P	libopensc2-0.11.6-5.25.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32001	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:26707	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25921	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25309	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26654	P	xpdf-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26243	P	Security update for libpcap (Important)	2020-12-01
oval:org.opensuse.security:def:33168	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25754	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:31757	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:26795	P	opie on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26757	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25384	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:32038	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31940	P	Recommended update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:27168	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25766	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25487	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:32337	P	Security update for sblim-sfcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26853	P	NetworkManager on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31063	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25796	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:25938	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:31428	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26281	P	Security update for hexchat (Moderate)	2020-12-01
oval:org.opensuse.security:def:25885	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32425	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:32559	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25145	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:32886	P	java-1_6_0-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31440	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:26419	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:26433	P	Security update for MozillaThunderbird (Critical)	2020-12-01
oval:org.opensuse.security:def:26559	P	gpg2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25157	P	Security update for shibboleth-sp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31535	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25512	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:31889	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:31835	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26486	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:25349	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:31882	P	Security update for dnsmasq (Important)	2020-12-01
oval:org.opensuse.security:def:31816	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:26960	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25587	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:25571	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:27491	P	libthai on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25650	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:32045	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25877	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32722	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25308	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26503	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26229	P	Security update for xawtv (Moderate)	2020-12-01
oval:org.opensuse.security:def:33129	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31592	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26756	P	libnewt0_52 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26722	P	kbd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25320	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31891	P	Security update for expat (Important)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:25755	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25430	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26809	P	puppet on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31062	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25715	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31979	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27203	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25830	P	Security update for libimobiledevice, usbmuxd (Important)	2020-12-01
oval:org.opensuse.security:def:25734	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32386	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32520	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31074	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25853	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25987	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:31429	P	Recommended update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26362	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:26384	P	Security update for chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:32447	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25146	P	Security update for man (Moderate)	2020-12-01
oval:org.opensuse.security:def:31443	P	Security update for policycoreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:26331	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25511	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:31514	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:31516	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:26472	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26594	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25221	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:31795	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31777	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26925	P	kde4-kgreeter-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25523	P	Security update for dpdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:31981	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26530	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25593	P	Security update for openvpn (Moderate)	2020-12-01
oval:org.opensuse.security:def:25775	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31838	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:25722	P	Security update for ovmf (Low)	2020-12-01
oval:org.opensuse.security:def:27526	P	opensc-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25863	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32683	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32491	P	bind on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:7486	P	DSA-1627 opensc -- programming error	2014-06-23
oval:org.mitre.oval:def:18393	P	DSA-1627-2 opensc - smart card vulnerability	2014-06-23
oval:org.debian:def:1627	V	programming error	2008-08-04