JLSEC-2026-239 Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them...

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2025-958)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-958 advisory. A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leadin...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-1419)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2025-1357)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : phpseclib vulnerabilities (USN-7404-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7404-1 advisory. It was discovered that phpseclib did not correctly handle RSA PKCS1 v1.5 signature verification. An attacker could...

PT-2025-6057

Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive...

EulerOS Virtualization 3.0.6.0 : shim (EulerOS-SA-2024-1706)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Node.js vulnerabilities (USN-6672-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6672-1 advisory. Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic...

PT-2024-21844

Name of the Vulnerable Software and Affected Versions phpseclib versions 1.x through 1.0.22 phpseclib versions 2.x through 2.0.46 phpseclib versions 3.x through 3.0.35 Description An issue was discovered in phpseclib when processing the ASN.1 object identifier of a certificate. A sub identifier m...

Impact of OpenSSL Possible DoS translating ASN 1 object identifiers on SonicWall Products CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow.Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notab...