CVE-2025-13151

Опубликовано: 07 янв. 2026

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

Ссылки

https://gitlab.com/gnutls/libtasn1
Product
https://gitlab.com/gnutls/libtasn1/-/merge_requests/121
Patch
http://www.openwall.com/lists/oss-security/2026/01/08/5
Mailing List
Patch
https://www.kb.cert.org/vuls/id/271649
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnu:libtasn1:4.20.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00055

Низкий

7.5 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2025-13151

CVSS3: 7.5

ubuntu

около 1 месяца назад

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

CVE-2025-13151

CVSS3: 7.5

debian

около 1 месяца назад

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function ...

SUSE-SU-2026:0224-1

suse-cvrf

17 дней назад

Security update for libtasn1

SUSE-SU-2026:0118-1

suse-cvrf

26 дней назад

Security update for libtasn1

GHSA-f433-vfwr-65r3

CVSS3: 7.5

github

около 1 месяца назад

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

EPSS

Процентиль: 17%

0.00055

Низкий

7.5 High

CVSS3

Дефекты

CWE-787