exploitDog

CVE-2019-25049

Опубликовано: 01 июл. 2021

Источник: nvd

CVSS3: 7.1

CVSS2: 5.8

EPSS Низкий

Описание

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).

Ссылки

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13920
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libressl/OSV-2020-1965.yaml
Third Party Advisory
https://github.com/libressl-portable/portable/commit/17c88164016df821df2dff4b2b1291291ec4f28a
Patch
Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13920
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libressl/OSV-2020-1965.yaml
Third Party Advisory
https://github.com/libressl-portable/portable/commit/17c88164016df821df2dff4b2b1291291ec4f28a
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:openbsd:libressl:*:*:*:*:*:*:*:*

Версия от 2.9.1 (включая) до 3.2.1 (включая)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00221

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2019-25049

CVSS3: 7.1

debian

больше 4 лет назад

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_pr ...

GHSA-wjh5-hg9w-r7qm

github

больше 3 лет назад

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).

EPSS

Процентиль: 44%

0.00221

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125