CVE-2016-4008

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-4008

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4008.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-4008

Related

Published

2016-05-05T18:59:10Z

Modified

2024-09-18T02:24:59.849510Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The asn1extractderoctet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1DECODEFLAGSTRICTDER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.

References

Affected packages

Debian:11 / libtasn1-6

Package

Name: libtasn1-6
Purl: pkg:deb/debian/libtasn1-6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libtasn1-6

Package

Name: libtasn1-6
Purl: pkg:deb/debian/libtasn1-6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libtasn1-6

Package

Name: libtasn1-6
Purl: pkg:deb/debian/libtasn1-6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.com/gnutls/libtasn1

Affected ranges

Type: GIT
Repo: https://gitlab.com/gnutls/libtasn1
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

1e3d04bce839540c6a3f8f14c8521d8390042f23

Affected versions

Other

gnutls_0_5_0

gnutls_0_5_1

libasn1_0_1_0

libtasn1-0-3-2

libtasn1_0_1_2

libtasn1_0_2_0

libtasn1_0_2_1

libtasn1_0_2_10

libtasn1_0_2_11

libtasn1_0_2_12

libtasn1_0_2_13

libtasn1_0_2_14

libtasn1_0_2_15

libtasn1_0_2_16

libtasn1_0_2_17

libtasn1_0_2_18

libtasn1_0_2_2

libtasn1_0_2_3

libtasn1_0_2_4

libtasn1_0_2_5

libtasn1_0_2_6

libtasn1_0_2_7

libtasn1_0_2_8

libtasn1_0_2_9

libtasn1_0_3_0

libtasn1_0_3_1

libtasn1_0_3_10

libtasn1_0_3_2

libtasn1_0_3_3

libtasn1_0_3_4

libtasn1_0_3_5

libtasn1_0_3_6

libtasn1_0_3_7

libtasn1_0_3_8

libtasn1_0_3_9

libtasn1_1_0

libtasn1_1_1

libtasn1_1_2

libtasn1_1_3

libtasn1_1_4

libtasn1_1_5

libtasn1_1_6

libtasn1_2_0

libtasn1_2_1

libtasn1_2_10

libtasn1_2_11

libtasn1_2_12

libtasn1_2_13

libtasn1_2_2

libtasn1_2_3

libtasn1_2_4

libtasn1_2_5

libtasn1_2_6

libtasn1_2_7

libtasn1_2_8

libtasn1_2_9

libtasn1_3_0

libtasn1_3_1

libtasn1_3_2

libtasn1_3_3

libtasn1_3_4

libtasn1_3_5

libtasn1_3_6

libtasn1_4_0

libtasn1_4_1

libtasn1_4_2

libtasn1_4_3

libtasn1_4_4

libtasn1_4_5

libtasn1_4_6

libtasn1_after_rename

libtasn1_4.*

libtasn1_4.7