Gnu Libtasn1
9 CVEs affecting Gnu Libtasn1. Latest disclosed: 2017-07-02. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-6891 | High | 8.8 | 2017-05-22 | Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow… |
CVE-2017-10790 | High | 7.5 | 2017-07-02 | The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignmen… |
CVE-2016-4008 | Medium | 5.9 | 2016-05-05 | The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attack… |
CVE-2015-3622 | | 2015-05-12 | The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read… | |
CVE-2015-2806 | | 2015-04-10 | Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors. | |
CVE-2014-3469 | | 2014-06-05 | The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL… | |
CVE-2014-3468 | | 2014-06-05 | The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-depen… | |
CVE-2014-3467 | | 2014-06-05 | Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out… | |
CVE-2012-1569 | | 2012-03-26 | The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certai… |