{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13151", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2025-11-13T21:14:53.973Z", "datePublished": "2026-01-07T21:14:05.223Z", "dateUpdated": "2026-01-20T17:08:41.712Z"}, "containers": {"cna": {"title": "CVE-2025-13151", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string."}], "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "This issue was reported Benny Zelster from Microsoft Security Research", "type": "finder"}], "affected": [{"vendor": "GnuTLS", "product": "libtasn1", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "4.20.0", "versionType": "semver"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}, {"descriptions": [{"lang": "en", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "references": [{"url": "https://gitlab.com/gnutls/libtasn1", "name": "Source Code Respoitory"}, {"url": "https://gitlab.com/gnutls/libtasn1/-/merge_requests/121", "name": "Proposed Pull Request", "tags": ["patch"]}], "x_generator": {"engine": "VINCE 3.0.31", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13151"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-01-07T21:15:56.927Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-01-07T21:32:59.782767Z", "id": "CVE-2025-13151", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T21:33:12.865Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/01/08/5"}, {"url": "https://www.kb.cert.org/vuls/id/271649"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-01-20T17:08:41.712Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/01/08/5"}, {"url": "https://www.kb.cert.org/vuls/id/271649"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-01-20T17:08:41.712Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-13151", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-07T21:32:59.782767Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T21:32:37.425Z"}}], "cna": {"title": "CVE-2025-13151", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "This issue was reported Benny Zelster from Microsoft Security Research"}], "affected": [{"vendor": "GnuTLS", "product": "libtasn1", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "4.20.0"}]}], "references": [{"url": "https://gitlab.com/gnutls/libtasn1", "name": "Source Code Respoitory"}, {"url": "https://gitlab.com/gnutls/libtasn1/-/merge_requests/121", "name": "Proposed Pull Request", "tags": ["patch"]}], "x_generator": {"env": "prod", "engine": "VINCE 3.0.31", "origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13151"}, "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}, {"descriptions": [{"lang": "en", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-01-07T21:15:56.927Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13151", "state": "PUBLISHED", "dateUpdated": "2026-01-20T17:08:41.712Z", "dateReserved": "2025-11-13T21:14:53.973Z", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "datePublished": "2026-01-07T21:14:05.223Z", "assignerShortName": "certcc"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string."}], "id": "CVE-2025-13151", "lastModified": "2026-01-20T18:16:01.827", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-01-07T22:15:43.200", "references": [{"source": "cret@cert.org", "url": "https://gitlab.com/gnutls/libtasn1"}, {"source": "cret@cert.org", "url": "https://gitlab.com/gnutls/libtasn1/-/merge_requests/121"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2026/01/08/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.kb.cert.org/vuls/id/271649"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string", "id": "2427698", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427698"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-13151", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-01-07T21:14:05Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-13151\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-13151\nhttps://gitlab.com/gnutls/libtasn1\nhttps://gitlab.com/gnutls/libtasn1/-/merge_requests/121"], "statement": "This vulnerability is rated Moderate for Red Hat products. A stack-based buffer overflow in the `libtasn1` library, specifically within the `asn1_expend_octet_string` function, can be triggered by failing to validate input data size. This could allow a remote, unauthenticated attacker to cause a denial of service in applications utilizing `libtasn1`.", "threat_severity": "Moderate"}

{"created": "2026-01-08T09:48:00.995791+00:00", "updated": "2026-01-08T09:48:00.995818+00:00", "vendors": ["gnu", "gnu$PRODUCT$libtasn1"]}