Debian Libtasn1-6 vulnerabilities

13 known vulnerabilities affecting debian/libtasn1-6.

Total CVEs: 13
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 5, MEDIUM 5, LOW 1

Vulnerabilities

CVE-2025-13151 | HIGH | CVSS 7.5 | fixed in libtasn1-6 4.21.0-2 (forky) | 2025
[HIGH] Stack-based buffer overflow in libtasn1 version v4.20.0. The function fails to validate the size of input data, resulting in a buffer overflow in asn1_expand_octet_string.
Scope: local
bookworm: open, bullseye: open, forky: resolved (fixed in 4.21.0-2), sid: resolved (fixed in 4.21.0-2), trixie: open
debian
CVE-2024-12133 | MEDIUM | CVSS 5.3 | fixed in libtasn1-6 4.19.0-2+deb12u1 (bookworm) | 2024
[MEDIUM] A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
Scope: local
bookworm: resolved
debian
CVE-2021-46848 | CRITICAL | CVSS 9.1 | fixed in libtasn1-6 4.19.0-2 (bookworm) | 2021
[CRITICAL] GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
Scope: local
bookworm: resolved (fixed in 4.19.0-2), bullseye: resolved (fixed in 4.16.0-2+deb11u1), forky: resolved (fixed in 4.19.0-2), sid: resolved (fixed in 4.19.0-2), trixie: resolved (fixed in 4.19.0-2)
debian
CVE-2018-6003 | HIGH | CVSS 7.5 | fixed in libtasn1-6 4.13-2 (bookworm) | 2018
[HIGH] An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Scope: local
bookworm: resolved (fixed in 4.13-2), bullseye: resolved (fixed in 4.13-2), forky: resolved (fixed in 4.13-2), sid: resolved (fixed in 4.13-2), trixie: resolved (fixed in 4.13-2
debian
CVE-2018-1000654 | LOW | CVSS 5.5 | fixed in libtasn1-6 4.14-2 (bookworm) | 2018
[MEDIUM] GNU Libtasn1 versions 4.13 and 4.12 contain a DoS: CPU usage reaches 100% when running asn1Parser against the POC, due to an issue in _asn1_expand_object_id(p_tree); after a long time, the program is killed. This attack appears to be exploitable via parsing a crafted file.
Scope: local
bookworm: resolved
debian
CVE-2017-10790 | HIGH | CVSS 7.5 | fixed in libtasn1-6 4.12-2.1 (bookworm) | 2017
[HIGH] The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack.
Scope: local
bookworm: resolved (fixed in 4.12-2.1), bullseye: resolved (fixed in 4.12-2.1), forky: resolved
debian
CVE-2017-6891 | HIGH | CVSS 8.8 | fixed in libtasn1-6 4.10-1.1 (bookworm) | 2017
[HIGH] Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stack-based buffer overflow by tricking a user into processing a specially crafted assignments file via, e.g., the asn1Coding utility.
Scope: local
bookworm: resolved (fixed in 4.10-1.1), bullseye: resolved (fixed in 4.10-1.1), forky: resol
debian
CVE-2016-4008 | MEDIUM | CVSS 5.9 | fixed in libtasn1-6 4.8-1 (bookworm) | 2016
[MEDIUM] The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
Scope: local
bookworm: resolved (fixed in 4.8-1), bullseye: resolved (fixed in 4.8-1), forky: resolved (fixed in 4.8-1), sid: re
debian
CVE-2015-2806 | CRITICAL | CVSS 10.0 | fixed in libtasn1-6 4.2-3 (bookworm) | 2015
[CRITICAL] Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
Scope: local
bookworm: resolved (fixed in 4.2-3), bullseye: resolved (fixed in 4.2-3), forky: resolved (fixed in 4.2-3), sid: resolved (fixed in 4.2-3), trixie: resolved (fixed in 4.2-3)
debian
CVE-2015-3622 | MEDIUM | CVSS 4.3 | fixed in libtasn1-6 4.4-3 (bookworm) | 2015
[MEDIUM] The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
Scope: local
bookworm: resolved (fixed in 4.4-3), bullseye: resolved (fixed in 4.4-3), forky: resolved (fixed in 4.4-3), sid: resolved (fixed in 4.4-3), trixie: resolved (fixed in 4
debian
CVE-2014-3468 | HIGH | CVSS 7.5 | fixed in libtasn1-6 3.6-1 (bookworm) | 2014
[HIGH] The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
Scope: local
bookworm: resolved (fixed in 3.6-1), bullseye: resolved (fixed in 3.6-1), forky: resolved (fixed in 3.6-1), sid: resolved (fixed
debian
CVE-2014-3467 | MEDIUM | CVSS 5.0 | fixed in libtasn1-6 3.6-1 (bookworm) | 2014
[MEDIUM] Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
Scope: local
bookworm: resolved (fixed in 3.6-1), bullseye: resolved (fixed in 3.6-1), forky: resolved (fixed in 3.6-1), sid: resolved (fixed in 3.6-1), trixie: resolved
debian
CVE-2014-3469 | MEDIUM | CVSS 5.0 | fixed in libtasn1-6 3.6-1 (bookworm) | 2014
[MEDIUM] The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allow context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
Scope: local
bookworm: resolved (fixed in 3.6-1), bullseye: resolved (fixed in 3.6-1), forky: resolved (fixed in 3.6-1), sid: resolved (f
debian