Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2018-1000654

GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.

  • Published: Aug 20, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2018-1000654
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: High
  • Score: 7.1
  • AV:N/AC:M/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Software From Fixed in
gnu / libtasn1 4.12 4.12.x
gnu / libtasn1 4.13 4.13.x