[gnutls-devel] libtasn1 | Parsing a certificate containing numerous names or name constraints leads to a DoS attack (#52)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Feb 7 10:47:07 CET 2025
Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/52#note_2336395888
Yeah I think the severity of this problem is low. I agree that it is the scaling factor that is the real concern. Re CVSS I think it is really complicated topic, but shouldn't Attack Complexity be Low?
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/52#note_2336395888
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250207/0e5f65c9/attachment.html>
More information about the Gnutls-devel
mailing list