VDB
ALPINE-CVE-2021-46848
ALPINE-CVE-2021-46848
PUBLISHED
CVSS 9.100000381469727 CRITICAL
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
Risk Scores
CVSS v3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.15 | libtasn1 | 2.9-r1, 3.1-r0, 3.2-r0 |
| Alpine:v3.22 | libtasn1 | 4.15.0-r0, 0, 1.8-r0 |
| Alpine:v3.16 | libtasn1 | 4.12-r2, 0, 2.9-r0 |
| Alpine:v3.17 | libtasn1 | 2.9-r1, 4.9-r0, 4.8-r0 |
| Alpine:v3.18 | libtasn1 | 4.12-r2, 4.12-r1, 4.12-r0 |
| Alpine:v3.21 | libtasn1 | 4.9-r0, 0, 1.8-r0 |
| Alpine:v3.19 | libtasn1 | 1.8-r0, 4.14-r0, 4.13-r0 |
| Alpine:v3.14 | libtasn1 | 2.0-r0, 2.1-r0, 2.13-r0 |
| Alpine:v3.23 | libtasn1 | 4.15.0-r0, 0, 1.8-r0 |
| Alpine:v3.20 | libtasn1 | 4.5-r0, 4.9-r0, 4.8-r0 |
Timeline
- Oct 24, 2022 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch