3 matches found
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ASN.1 decoder. An attacker can crash the application or cause memory beyond the end of the input buffer to be loaded into the decoded ASN.1 object, by supplying very large input data. Applications that pass...
CVE-2026-33894
Forge (node-forge) prior to version 1.4.0 is vulnerable to RSASSA-PKCS1 v1.5 signature forgery for low exponent keys (e = 3). The issue arises from forging signatures by injecting extra bytes inside the ASN.1 structure and by not enforcing a minimum PKCS#1 v1.5 padding length of 8 bytes, enabling...
DEBIAN-CVE-2016-2522
The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafte...