4 matches found
CVE-2021-46848
CVE-2021-46848 affects GNU libtasn1 prior to 4.19.0, due to an off-by-one array size check in the ETYPE_OK path that can impact ASN.1 DER encoding (asn1_encode_simple_der). Public details in connected sources indicate vulnerable versions are
CVE-2014-3467
GNUTLS/library libtasn1 vulnerability CVE-2014-3467 is due to multiple issues in the DER decoder of GNU Libtasn1 up to version 3.5.x (pre-3.6), exploited by crafted ASN.1 data to cause a denial of service via out-of-bounds read. The issue is confirmed in multiple advisories (F5 SOL15423, ALAS-201...
CVE-2014-3468
The CVE concerns GNU Libtasn1 prior to version 3.6, where asn1_get_bit_der does not properly report an error for a negative bit length. This can enable context-dependent attackers to trigger out-of-bounds access via crafted ASN.1 data, potentially impacting applications using libtasn1. Public ref...
CVE-2014-3469
CVE-2014-3469 affects GNU libtasn1 before 3.6, where the functions asn1_read_value_type and asn1_read_value may dereference a NULL ivalue. In this context, crafted ASN.1 data can trigger a NULL pointer dereference in the library, leading to a denial of service (crash). The vulnerability is noted ...