GNU Libtasn1 4.0

CPE Details

GNU Libtasn1 4.0
gnu
libtasn1
4.0
2019-01-03
13h29 +00:00
2019-01-03
13h29 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:libtasn1:4.0:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

libtasn1

Version

4.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-46848 2022-10-23 22h00 +00:00 GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
9.1
Critical
CVE-2018-6003 2018-01-22 19h00 +00:00 An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
7.5
High
CVE-2017-10790 2017-07-02 01h00 +00:00 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack.
7.5
High
CVE-2016-4008 2016-05-05 16h00 +00:00 The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
5.9
Medium
CVE-2015-3622 2015-05-12 17h00 +00:00 The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
4.3
CVE-2015-2806 2015-04-10 12h00 +00:00 Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
10