79 matches found
Astra Linux - уязвимость в libtasn1-6
GNU Libtasn1-4.13 libtasn1-4.13 version. libtasn1-4.13 contains a DoS vulnerability. Specifically, CPU usage will reach 100% when running asn1Paser against the POC due to a problem in asn1expandobjectidptree. After some time, the program will terminate. This vulnerability seems to be exploitable ...
CVE-2026-5188
CVE-2026-5188 describes an integer underflow in wolfSSL when parsing the SAN extension of X.509 certificates. A malformed certificate may specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This vulnerability is limited to config...
CVE-2026-5188 Integer underflow in X.509 SAN parsing in wolfSSL
An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name SAN extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect...
CVE-2026-5188
An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name SAN extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect...
libcurl's ASN1 parser code has the GTime2str() function, used for parsing an ASN.1 (CVE-2024-7264)
A flaw was found in libcurl, where libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the time fraction , leading to a strlen performed on a pointer to a heap...
node-forge has ASN.1 Unbounded Recursion
Summary An Uncontrolled Recursion CWE-674 vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service DoS via stack exhaustion when parsing untrusted DER...
JLSEC-2025-38 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Tim...
libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...
EUVD-2024-47336
Malicious code in bioql PyPI...
EUVD-2024-48211
Malicious code in bioql PyPI...
RLSA-2025:1671 Important: mysql security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...
Linux Distros Unpatched Vulnerability : CVE-2024-7264
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2901)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2825)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2825)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-2901)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2809)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-2882)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2795)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2783)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : curl (EulerOS-SA-2024-2795)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...