80 matches found
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
UBUNTU-CVE-2026-31789
Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...
CVE-2026-33936
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...
CVE-2026-33936
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...
python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
Summary An issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions. 1. ecdsa.der.removeoctetstring accepts truncated DER where the encoded length exceeds the available buffer. For example, an OCTET STRING that declares a length of 40...
PT-2026-28568
Name of the Vulnerable Software and Affected Versions ecdsa versions prior to 0.19.2 Description The ecdsa package, a Python implementation of ECC, contains a flaw in its DER parsing functions. Specifically, ecdsa.der.remove octet string incorrectly accepts truncated DER data where the declared...
EulerOS 2.0 SP12 : libtasn1 (EulerOS-SA-2026-1403)
According to the versions of the libtasn1 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in...
Important: libtasn1
Issue Overview: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring. CVE-2025-13151 Affected Packages: libtasn1 Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
SUSE-SU-2026:0118-1 Security update for libtasn1
This update for libtasn1 fixes the following issues: - CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341...
Updated libtasn1 packages fix security vulnerability
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring. CVE-2025-13151...
Linux Distros Unpatched Vulnerability : CVE-2025-13151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in...
CVE-2025-13151
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
AZL-73664 CVE-2025-13151 affecting package libtasn1 for versions less than 4.19.0-3
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
AZL-74070 CVE-2025-13151 affecting package libtasn1 for versions less than 4.19.0-3
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the asn1expendoctetstring function. An attacker can cause by supplying specially crafted input data that exceeds the expected buffer size. Remediation A fix was pushed into the master branch but not yet...
CVE-2025-13151 CVE-2025-13151
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
CVE-2025-13151
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
PT-2026-1701
Name of the Vulnerable Software and Affected Versions libtasn1 versions prior to 4.21.0 Description A stack-based buffer overflow exists in the asn1 expend octet string function of libtasn1. The function does not properly validate the size of input data, leading to a buffer overflow. Libtasn1 is ...