Unity Linux 20.1070e Security Update: libtomcrypt (UTSA-2026-016691)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016691 advisory. In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows...

Advisory ROSA-SA-2026-3193

Software: libtomcrypt 1.18.2 OS: ROSA Virtualization 2.1 unaffected versions = libtomcrypt-1.18.2-5.0.1.rv3 affected versions libtomcrypt-1.18.2-5.0.1.1.rv3 CVE-ID: CVE-2019-17362 BDU-ID: 2025-16070 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the derdecodeutf8string function of the...

Advisory ROSA-SA-2026-3173

Software: libtomcrypt 1.18.2 OS: ROSA Virtualization 3.0 unaffected versions = libtomcrypt-1.18.2-5.0.1.rv30 affected versions libtomcrypt-1.18.2-5.0.1.rv30 CVE-ID: CVE-2019-17362 BDU-ID: 2025-16070 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the derdecodeutf8string function of the...

TencentOS Server 4: libtomcrypt (TSSA-2025:0362)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0362 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Fedora 39 : perl-CryptX (2023-1f0ac1260e)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1f0ac1260e advisory. Update to 0.080 Fix CVE-2019-17362 in bundled libtomcrypt Tenable has extracted the preceding description block directly from the Fedora security advisory...

In LibTomCrypt through 1.18.2 the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.

...

EulerOS 2.0 SP8 : libtomcrypt (EulerOS-SA-2021-2303)

According to the version of the libtomcrypt package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8...

EulerOS 2.0 SP9 : libtomcrypt (EulerOS-SA-2021-2247)

According to the version of the libtomcrypt package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8...

EulerOS Virtualization 2.9.0 : libtomcrypt (EulerOS-SA-2021-2196)

According to the version of the libtomcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invali...

EulerOS Virtualization 2.9.1 : libtomcrypt (EulerOS-SA-2021-2181)

According to the version of the libtomcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invali...

Huawei EulerOS: Security Advisory for libtomcrypt (EulerOS-SA-2021-2196)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

AZL-36958 CVE-2019-17362 affecting package libtomcrypt for versions less than 1.18.2-9

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

CVE-2019-17362

CVE-2019-17362 affects LibTomCrypt up to version 1.18.2. The vulnerability resides in der_decode_utf8_string (der_decode_utf8_string.c), which fails to detect certain invalid UTF-8 sequences, enabling context-dependent attackers to cause a denial of service via an out-of-bounds read and crash, or...

CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

LibTomCrypt Memory Corruption Vulnerability

LibTomCrypt is a fairly comprehensive modular portable encryption toolkit. LibTomCrypt 1.18.2 and earlier versions suffer from a memory corruption vulnerability that stems from the derdecodeutf8string function in derdecodeutf8string.c failing to correctly detect certain invalid UTF-8 sequences,...

CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...