rpm package
suse/libksba&distro=SUSE Linux Enterprise Server 12 SP1
pkg:rpm/suse/libksba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4579 | Hig | 7.5 | < 1.3.0-23.1 | 1.3.0-23.1 | Jun 13, 2016 | Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl." | |
| CVE-2016-4574 | Hig | 7.5 | < 1.3.0-23.1 | 1.3.0-23.1 | Jun 13, 2016 | Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016- |
- affected < 1.3.0-23.1fixed 1.3.0-23.1
Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."
- affected < 1.3.0-23.1fixed 1.3.0-23.1
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-