Ecosystem	Package	Version

Vulnerabilities

CVE-2025-13151

CVE-2025-13151

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

Published Jan 8, 2026

https://gitlab.com/gnutls/libtasn1/-/merge_requests/121

CVSS ScoreHigh

7.5

Ecosystem	Package	Version


conan	libtasn1	4.16.0
rpm	libtasn1	2.3-3.el6
rpm	libtasn1	2.3-3.el6_2.1
rpm	libtasn1	2.3-6.el6_5
rpm	libtasn1	3.3-3.el7
rpm	libtasn1	3.3-5.el7_0
rpm	libtasn1	3.8-2.el7
rpm	libtasn1	3.8-3.el7
rpm	libtasn1	4.10-1.el7
rpm	libtasn1	4.13-3.el8
rpm	libtasn1	4.13-4.el8_7
rpm	libtasn1	4.13-5.el8_10
rpm	libtasn1	4.16.0-7.el9
rpm	libtasn1	4.16.0-8.el9_1
rpm	libtasn1	4.16.0-9.el9
rpm	libtasn1	4.19.0-7.el10
rpm	libtasn1	4.20.0-1.el10
rpm	libtasn1-devel	2.3-3.el6
rpm	libtasn1-devel	2.3-3.el6_2.1
rpm	libtasn1-devel	2.3-6.el6_5
rpm	libtasn1-devel	3.3-3.el7
rpm	libtasn1-devel	3.3-5.el7_0
rpm	libtasn1-devel	3.8-2.el7
rpm	libtasn1-devel	3.8-3.el7
rpm	libtasn1-devel	4.10-1.el7
rpm	libtasn1-devel	4.13-3.el8
rpm	libtasn1-devel	4.13-4.el8_7
rpm	libtasn1-devel	4.13-5.el8_10
rpm	libtasn1-devel	4.16.0-7.el9
rpm	libtasn1-devel	4.16.0-8.el9_1
rpm	libtasn1-devel	4.19.0-7.el10
rpm	libtasn1-devel	4.20.0-1.el10
rpm	libtasn1-tools	2.3-3.el6
rpm	libtasn1-tools	2.3-3.el6_2.1
rpm	libtasn1-tools	2.3-6.el6_5
rpm	libtasn1-tools	3.3-3.el7
rpm	libtasn1-tools	3.3-5.el7_0
rpm	libtasn1-tools	3.8-2.el7
rpm	libtasn1-tools	3.8-3.el7
rpm	libtasn1-tools	4.10-1.el7
rpm	libtasn1-tools	4.13-3.el8
rpm	libtasn1-tools	4.13-4.el8_7
rpm	libtasn1-tools	4.13-5.el8_10
rpm	libtasn1-tools	4.16.0-7.el9
rpm	libtasn1-tools	4.16.0-8.el9_1
rpm	libtasn1-tools	4.19.0-7.el10
rpm	libtasn1-tools	4.20.0-1.el10
conda	main/libtasn1	4.16.0
conda	main/libtasn1	4.19.0
conda	main/libtasn1	4.20.0

CVE-2025-13151 | Components Impacted | Sonatype Guide | Sonatype Guide