CVE-2018-6003

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-6003

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6003.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-6003

Related

Published

2018-01-22T20:29:00Z

Modified

2024-11-13T01:02:05.036718Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in the asn1decodesimpleber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.

References

Affected packages

Alpine:v3.10 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.11 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.12 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.13 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.14 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.15 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.16 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.17 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.18 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.19 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.20 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.4 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.8-r3

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.8-r1

4.8-r2

Alpine:v3.5 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.9-r3

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.9-r1

4.9-r2

Alpine:v3.6 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.10-r3

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.10-r2

Alpine:v3.7 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12-r3

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.8 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Alpine:v3.9 / libtasn1

Package

Name: libtasn1
Purl: pkg:apk/alpine/libtasn1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-r0

Affected versions

1.*

1.8-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.4-r0

2.5-r0

2.5-r1

2.6-r0

2.6-r1

2.6-r2

2.8-r0

2.8-r1

2.9-r0

2.9-r1

2.12-r0

2.13-r0

2.14-r0

3.*

3.1-r0

3.2-r0

3.3-r0

3.4-r0

3.6-r0

4.*

4.1-r0

4.2-r0

4.4-r0

4.5-r0

4.6-r0

4.7-r0

4.8-r0

4.9-r0

4.10-r0

4.10-r1

4.12-r0

4.12-r1

4.12-r2

Debian:11 / libtasn1-6

Package

Name: libtasn1-6
Purl: pkg:deb/debian/libtasn1-6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libtasn1-6

Package

Name: libtasn1-6
Purl: pkg:deb/debian/libtasn1-6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libtasn1-6

Package

Name: libtasn1-6
Purl: pkg:deb/debian/libtasn1-6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.13-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.com/gnutls/libtasn1

Affected ranges

Type: GIT
Repo: https://gitlab.com/gnutls/libtasn1
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

946565d8eb05fbf7970ea366e817581bb5a90910

Affected versions

Other

gnutls_0_5_0

gnutls_0_5_1

libasn1_0_1_0

libtasn1-0-3-2

libtasn1_0_1_2

libtasn1_0_2_0

libtasn1_0_2_1

libtasn1_0_2_10

libtasn1_0_2_11

libtasn1_0_2_12

libtasn1_0_2_13

libtasn1_0_2_14

libtasn1_0_2_15

libtasn1_0_2_16

libtasn1_0_2_17

libtasn1_0_2_18

libtasn1_0_2_2

libtasn1_0_2_3

libtasn1_0_2_4

libtasn1_0_2_5

libtasn1_0_2_6

libtasn1_0_2_7

libtasn1_0_2_8

libtasn1_0_2_9

libtasn1_0_3_0

libtasn1_0_3_1

libtasn1_0_3_10

libtasn1_0_3_2

libtasn1_0_3_3

libtasn1_0_3_4

libtasn1_0_3_5

libtasn1_0_3_6

libtasn1_0_3_7

libtasn1_0_3_8

libtasn1_0_3_9

libtasn1_1_0

libtasn1_1_1

libtasn1_1_2

libtasn1_1_3

libtasn1_1_4

libtasn1_1_5

libtasn1_1_6

libtasn1_2_0

libtasn1_2_1

libtasn1_2_10

libtasn1_2_11

libtasn1_2_12

libtasn1_2_13

libtasn1_2_2

libtasn1_2_3

libtasn1_2_4

libtasn1_2_5

libtasn1_2_6

libtasn1_2_7

libtasn1_2_8

libtasn1_2_9

libtasn1_3_0

libtasn1_3_1

libtasn1_3_2

libtasn1_3_3

libtasn1_3_4

libtasn1_3_5

libtasn1_3_6

libtasn1_4_0

libtasn1_4_1

libtasn1_4_11

libtasn1_4_12

libtasn1_4_2

libtasn1_4_3

libtasn1_4_4

libtasn1_4_5

libtasn1_4_6

libtasn1_4_8

libtasn1_4_9

libtasn1_after_rename

libtasn1_4.*

libtasn1_4.7