Download
| Alert*
|
oval:org.secpod.oval:def:89003353
This update for libtasn1 fixes the following issues: Security issues fixed: - CVE-2018-1000654: Fixed a denial of service in the asn1 parser . - CVE-2017-6891: Fixed a stack overflow in asn1_find_node . oval:org.secpod.oval:def:1801520 The ASN.1 library used in GNUTLS through versions 4.13 allows for an infinite loop due to an issue in the _asn1_expand_object_id function. An attacker could exploit this via a crafted ASN.1 structure to causing high CPU usage until a resultant out-of-memory error oval:org.secpod.oval:def:1801512 The ASN.1 library used in GNUTLS through versions 4.13 allows for an infinite loop due to an issue in the _asn1_expand_object_id function. An attacker could exploit this via a crafted ASN.1 structure to causing high CPU usage until a resultant out-of-memory error oval:org.secpod.oval:def:1801513 The ASN.1 library used in GNUTLS through versions 4.13 allows for an infinite loop due to an issue in the _asn1_expand_object_id function. An attacker could exploit this via a crafted ASN.1 structure to causing high CPU usage until a resultant out-of-memory error oval:org.secpod.oval:def:1801525 The ASN.1 library used in GNUTLS through versions 4.13 allows for an infinite loop due to an issue in the _asn1_expand_object_id function. An attacker could exploit this via a crafted ASN.1 structure to causing high CPU usage until a resultant out-of-memory error oval:org.secpod.oval:def:2000585 GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id, after a long time, the program will be killed. This attack appears to be exploitable via parsi ... oval:org.secpod.oval:def:89047823 This update for libtasn1 fixes the following issues: Security issue fixed: - CVE-2018-1000654: Fixed a denial of service in the asn1 parser . - CVE-2017-6891: Added safety check to fix a stack overflow issue . - CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der oval:org.secpod.oval:def:2105349 GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable v ... |
