Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2017:1860
HistoryAug 01, 2017 - 5:55 a.m.

(RHSA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update

2017-08-0105:55:26
access.redhat.com
32

EPSS

0.924

Percentile

99.0%

JSON

Libtasn1 is a library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.

The following packages have been upgraded to a later upstream version: libtasn1 (4.10). (BZ#1360639)

Security Fix(es):

  • A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash. (CVE-2015-3622)

  • A stack-based buffer overflow was found in the way libtasn1 decoded certain DER encoded data. An attacker could use this flaw to crash an application using the libtasn1 library. (CVE-2015-2806)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Related

openvas 30
nessus 34
ibm 6
gentoo 1
oraclelinux 1
centos 1
archlinux 2
ubuntucve 2
cvelist 2
veracode 4
fedora 9
debian 5
debiancve 2
securityvulns 4
checkpoint_advisories 1
ubuntu 2
osv 3
prion 2
freebsd 1
mageia 2
cve 2
nvd 2
suse 2
openvas
openvas
RedHat Update for libtasn1 RHSA-2017:1860-01
2017-08-04 00:00:00
Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2017-1172)
2020-01-23 00:00:00
Gentoo Security Advisory GLSA 201509-04
2015-09-29 00:00:00
nessus
nessus
RHEL 7 : libtasn1 (RHSA-2017:1860)
2017-08-03 00:00:00
GLSA-201509-04 : libtasn1: Multiple vulnerabilities
2015-09-25 00:00:00
Scientific Linux Security Update : libtasn1 on SL7.x x86_64 (20170801)
2017-08-22 00:00:00
ibm
ibm
Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in libtasn1 (CVE-2015-2806, CVE-2015-3622)
2018-06-16 22:03:36
Security Bulletin: Vulnerabilities in libtasn1 affect PowerKVM
2018-06-18 01:37:31
Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in libtasn1 (CVE-2015-3622, CVE-2015-2806)
2018-06-16 22:02:07
gentoo
gentoo
libtasn1: Multiple vulnerabilities
2015-09-24 00:00:00
oraclelinux
oraclelinux
libtasn1 security, bug fix, and enhancement update
2017-08-07 00:00:00
centos
centos
libtasn1 security update
2017-08-24 01:39:20
archlinux
archlinux
libtasn1: arbitrary code execution
2015-05-08 00:00:00
libtasn1: stack overflow
2015-04-03 00:00:00
ubuntucve
ubuntucve
CVE-2015-3622
2015-05-01 00:00:00
CVE-2015-2806
2015-04-01 00:00:00
cvelist
cvelist
CVE-2015-3622
2015-05-12 19:00:00
CVE-2015-2806
2015-04-10 14:00:00
veracode
veracode
Out-Of-Bounds Read
2018-08-08 03:02:05
Denial Of Service (DoS)
2018-05-22 06:57:51
Denial Of Service (DoS)
2019-05-02 06:44:46
fedora
fedora
[SECURITY] Fedora 21 Update: mingw-libtasn1-4.4-1.fc21
2015-04-21 19:16:16
[SECURITY] Fedora 21 Update: mingw-gnutls-3.3.14-1.fc21
2015-04-21 19:16:16
[SECURITY] Fedora 22 Update: libtasn1-4.4-1.fc22
2015-04-21 18:57:54
debian
debian
[SECURITY] [DSA 3220-1] libtasn1-3 security update
2015-04-11 21:19:14
[SECURITY] [DSA 3220-1] libtasn1-3 security update
2015-04-11 21:19:14
[SECURITY] [DLA 195-1] libtasn1-3 security update
2015-04-12 17:37:44
debiancve
debiancve
CVE-2015-3622
2015-05-12 19:59:24
CVE-2015-2806
2015-04-10 15:00:05
securityvulns
securityvulns
[ MDVSA-2015:232 ] libtasn1
2015-05-10 00:00:00
libtasn1 buffer overflow
2015-05-10 00:00:00
libtasn1 memory corruption
2015-04-08 00:00:00
checkpoint_advisories
checkpoint_advisories
GnuTLS libtasn1 _asn1_extract_der_octet Memory Access Error (CVE-2015-3622)
2015-07-16 00:00:00
ubuntu
ubuntu
Libtasn1 vulnerability
2015-05-11 00:00:00
Libtasn1 vulnerability
2015-04-08 00:00:00
osv
osv
libtasn1-3 - security update
2015-04-12 00:00:00
libtasn1-3 - security update
2015-04-11 00:00:00
libtasn1-4.9-1.3 on GA media
2024-06-15 00:00:00
prion
prion
Stack overflow
2015-04-10 15:00:00
Design/Logic Flaw
2015-05-12 19:59:00
freebsd
freebsd
libtasn1 -- stack-based buffer overflow in asn1_der_decoding
2015-04-11 00:00:00
mageia
mageia
Updated libtasn1 packages fix CVE-2015-2806
2015-04-03 16:11:23
Updated libtasn1 packages fix CVE-2015-3622
2015-05-06 20:44:06
cve
cve
CVE-2015-2806
2015-04-10 15:00:05
CVE-2015-3622
2015-05-12 19:59:24
nvd
nvd
CVE-2015-3622
2015-05-12 19:59:24
CVE-2015-2806
2015-04-10 15:00:05
suse
suse
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32

EPSS

0.924

Percentile

99.0%

JSON
Related for RHSA-2017:1860
openvas30nessus34ibm6gentoo1oraclelinux1centos1archlinux2ubuntucve2cvelist2veracode4fedora9debian5debiancve2securityvulns4checkpoint_advisories1ubuntu2osv3prion2freebsd1mageia2cve2nvd2suse2