UBUNTU-CVE-2025-66030

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be...

Forge JavaScript library impacted by a vulnerability in signature verification.

Overview The Forge JavaScript library provides TLS-related cryptographic utilities. A vulnerability that allows signature verification to be bypassed through crafted manipulation of ASN.1 structures, particularly in fields such as Message Authentication Code MAC data, was identified. Users of the...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

Read buffer overruns processing ASN.1 strings

...

OESA-2021-1132 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Wireshark, formerly known as Ethereal, can be used to examine the details of traffic at a variety of levels ranging...

GNU Libtasn1 '_asn1_check_identifier' Denial of Service Vulnerability

Libtasn1 is the ASN.1 library used by GnuTLS. A denial of service vulnerability exists in GNU Libtasn1 'asn1checkidentifier'. The vulnerability stems from the asn1checkidentifier function reading specially designed input, which can be exploited by an attacker to cause a remote denial of service...

[SECURITY] Fedora 21 Update: libtasn1-4.4-1.fc21

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...

Debian Security Advisory DSA 3056-1 (libtasn1-3 - security update)

Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 Abstract Syntax Notation One structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference. OpenVAS Vulnerability Test $Id: deb3056.nasl 6750 2017-07-18...

[SECURITY] Fedora 20 Update: libtasn1-3.6-1.fc20

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...

Fedora Update for nodejs-asn1 FEDORA-2013-11780

Check for the Version of nodejs-asn1 OpenVAS Vulnerability Test Fedora Update for nodejs-asn1 FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

DEBIAN-CVE-2003-0544

OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service crash via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used...