Skip to content

update: libtasn1 #1994

New issue
New issue
Open
Open
update: libtasn1#1994
Labels
advisorysecurity advisorycvss/HIGH> 7 && < 9 assessed CVSSsecuritysecurity concerns
@dongsupark

Description

@dongsupark
dongsupark
opened on Jan 19, 2026

Name: libtasn1
CVEs: CVE-2025-13151
CVSSs: 7.5
Action Needed: update to >= 4.21.0

Summary: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

refmap.gentoo: https://bugs.gentoo.org/968531

Metadata

Metadata

Assignees

No one assigned

    Labels

    advisorysecurity advisorycvss/HIGH> 7 && < 9 assessed CVSSsecuritysecurity concerns

    Type

    No type

    Projects

    Flatcar tactical, release planning, and roadmap

    Status

    🪵Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions