CVE-2019-25049Out-of-bounds Read in Libressl

CWE-125Out-of-bounds Read3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.2%
top 55.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Openbsd Libressl
Timeline
PublishedJul 1
Latest updateMay 24

Description

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages1 packages

NVDopenbsd/libressl2.9.13.2.1

Patches

Patch: bugs.chromium.orgPatch: github.comPatch: bugs.chromium.org

🔴Vulnerability Details

2
GHSA
GHSA-wjh5-hg9w-r7qm: LibreSSL 22022-05-24
CVEList
CVE-2019-25049: LibreSSL 22021-07-01