Linux Distros Unpatched Vulnerability : CVE-2025-12816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to...

GHSA-5GFM-WPXJ-WJGQ node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization

Summary CVE-2025-12816 has been reserved by CERT/CC Description An Interpretation Conflict CWE-436 vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may...

EUVD-2025-199630

node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization...

node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization

Summary CVE-2025-12816 has been reserved by CERT/CC Description An Interpretation Conflict CWE-436 vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may...

DEBIAN-CVE-2025-12816

An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

CVE-2025-12816

An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

UBUNTU-CVE-2025-12816

An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

PT-2025-48075

Name of the Vulnerable Software and Affected Versions node-forge versions 1.3.1 and earlier Description An interpretation-conflict issue exists in node-forge. Unauthenticated attackers can create specific ASN.1 structures that disrupt schema validations. This can lead to a difference in how data ...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2025-2387)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

astral-tokio-tar Vulnerable to PAX Header Desynchronization

...

CVE-2025-11915

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

CVE-2025-11915

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

EUVD-2025-35358

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

CVE-2025-11915 HTTP Desynchronisation in Vertex AI for certain third-party models

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

PT-2025-43062

Name of the Vulnerable Software and Affected Versions versions prior to 2025-09-28 Description A desynchronization issue exists between an HTTP proxy and the model backend. This affects communication within the model backend. Approximately 10,000 devices worldwide are potentially affected. The...

CVE-2025-62518

Vulnerability CVE-2025-62518 affects astral-tokio-tar

CVE-2025-62518 astral-tokio-tar Vulnerable to PAX Header Desynchronization

astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives...

CVE-2025-62518 astral-tokio-tar Vulnerable to PAX Header Desynchronization

astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives...

astral-tokio-tar Vulnerable to PAX Header Desynchronization

Summary Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser...

GHSA-J5GW-2VRG-8FGX astral-tokio-tar Vulnerable to PAX Header Desynchronization

Summary Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser...