CVE-2019-25048
Published
CVSS v3
7.1
HIGH
CVSS v2
5.8
MEDIUM
Affected
2
PROJECTS
Description
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to [email protected] are welcome.
GitHub