12 matches found
pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE (0x30) or SET (0x31) tags with Indefinite Length (0x80) markers. Thi...
JLSEC-2026-233 openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...
EUVD-2025-60979
SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality...
The vulnerability of the mbedtls_asn1_store_named_data function in Mbed TLS software allows an attacker to execute arbitrary code.
The vulnerability of the mbedtls_asn1_store_named_data function in Mbed TLS is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...
openssl: use-after-free following BIO_new_NDEF
A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...
SUSE CVE-2014-3467
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data...
Vulnerability fixed in Kerberos
A vulnerability has been fixed in MIT Kerberos. A malicious person can exploit the vulnerability to cause a denial of service. The vulnerability is in the way ASN.1 data is processed, which can create an infinite loop that causes a crash in the Kerberos process. -= Debian =- Debian has...
DEBIAN-CVE-2019-18840
In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location...
CVE-2018-11058
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 in 4.0.x and prior to 4.1.6 in 4.1.x, and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 in 4.0.x contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data th...
UBUNTU-CVE-2016-6129
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a...
Botan BER Decoder Security Bypass Vulnerability
Botan is a C++ library of cryptographic algorithms that supports AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability in the Botan BER decoder allows remote attackers to exploit the vulnerability by submitting a special request to read untrusted ASN.1 data...
The vulnerability of the set of libraries for Network Security Services allows a perpetrator to execute arbitrary code.
The vulnerability of the Network Security Services library is caused by an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted ASN.1 data within X.509 certificates...