VYPR

Libtasn1

by Free Software Foundation Inc.

Source repositories

CVEs (5)

  • CVE-2024-12243MedFeb 10, 2025
    risk 0.35cvss 5.3epss 0.01

    A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to…

  • CVE-2024-12133MedFeb 10, 2025
    risk 0.34cvss 5.3epss 0.01

    A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially…

  • CVE-2025-13151Jan 7, 2026
    risk 0.00cvss epss 0.01

    Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

  • CVE-2006-0645Feb 10, 2006
    risk 0.00cvss epss 0.04

    Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by…

  • CVE-2004-0401Jul 7, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions.