CVE-2024-12133

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 10, 2025

Updated: Feb 21, 2025

CWE ID 407

Summary

CVE-2024-12133 is a vulnerability affecting libtasn1, a library used for encoding and decoding ASN.1 data structures. The issue arises from inadequate handling of specific certificate data, leading to inefficient processing. If a system encounters a large number of elements in a certificate, it can experience prolonged delays or even crashes. An attacker can exploit this flaw by sending a specially crafted certificate, resulting in a denial-of-service attack.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Libtasn1

Affected Vendors

GNU Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1OPcFc
https://www.cve.org/CVERecord?id=CVE-2024-12133
https://nvd.nist.gov/vuln/detail/CVE-2024-12133

Back to Vulnerability Database