Search CVE reports
11 – 12 of 12 results
CVE-2014-3468
Medium prioritySome fixes available 3 of 5
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
2 affected packages
libtasn1-3, libtasn1-6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libtasn1-3 | — | — | — | — | — |
| libtasn1-6 | — | — | — | — | — |
CVE-2014-3467
Medium prioritySome fixes available 3 of 5
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
2 affected packages
libtasn1-3, libtasn1-6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libtasn1-3 | — | — | — | — | — |
| libtasn1-6 | — | — | — | — | — |