Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
{ "binaries": [ { "binary_name": "libksba-dev", "binary_version": "1.3.5-2ubuntu0.18.04.2" }, { "binary_name": "libksba-mingw-w64-dev", "binary_version": "1.3.5-2ubuntu0.18.04.2" }, { "binary_name": "libksba8", "binary_version": "1.3.5-2ubuntu0.18.04.2" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "libksba-dev", "binary_version": "1.3.5-2ubuntu0.20.04.2" }, { "binary_name": "libksba-mingw-w64-dev", "binary_version": "1.3.5-2ubuntu0.20.04.2" }, { "binary_name": "libksba8", "binary_version": "1.3.5-2ubuntu0.20.04.2" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "libksba-dev", "binary_version": "1.6.0-2ubuntu0.2" }, { "binary_name": "libksba-mingw-w64-dev", "binary_version": "1.6.0-2ubuntu0.2" }, { "binary_name": "libksba8", "binary_version": "1.6.0-2ubuntu0.2" } ], "availability": "No subscription required" }