CVE-2019-25049
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-25049
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-25049.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-25049
- Published
- 2021-07-01T03:15:07Z
- Modified
- 2025-10-18T09:07:32.300496Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1itemprintctx (called from asn1templateprintctx).
- References
Affected packages
Git / github.com/libressl-portable/portable
Git / github.com/libressl-portable/portable
Affected ranges
- Type
- GIT
- Repo
- https://github.com/libressl/portable
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v2.*
v2.1.2
v2.1.3
v2.1.4
v2.2.0
v2.2.1
v2.2.2
v2.3.0
v2.3.1
v2.3.2
v2.4.0
v2.4.1
v2.5.0
v2.5.1
v2.5.2
v2.6.0
v2.6.1
v2.6.2
v2.7.0
v2.7.1
v2.8.0
v2.8.1
v2.9.0
v3.*
v3.0.0
v3.0.1
v3.1.0
v3.2.0
v3.2.1
Database specific
vanir_signatures
[
{
"deprecated": false,
"id": "CVE-2019-25049-147a6fbc",
"signature_type": "Line",
"source": "https://github.com/libressl/portable/commit/17c88164016df821df2dff4b2b1291291ec4f28a",
"digest": {
"line_hashes": [
"15639898308729927978247378005892811868",
"76407720821467865174633925356724004625",
"130156156048970410686116810127046487736",
"84248831846572352076439490742949939391",
"267779803265829542691667918525065220225",
"210452100765747438824006292519864918327",
"132179612794580766846319612248323244003",
"239535219939452731868631818101800154990",
"153811501269921490264180862532013282835",
"242303426921549527578675504669369538548",
"18419159934902252177632296374866301352",
"188191144103931442352891934255782128618",
"332808576249300172380795322822804514505",
"270553827716499702466958773130396242437",
"30291165809836807875117337869816899675",
"108698066641428372755672646107801044273",
"298647186799070494271795774822929189071",
"122558147826555689524620402272928240303",
"94782551296599679341297896071496059999",
"7802401407722668597074501627206107632",
"24830338903469308420758827558518595324",
"130402100494391250054648755999608333159",
"253315623147940966158236780713721425434",
"209761980117150996460856475110077468345"
],
"threshold": 0.9
},
"target": {
"file": "include/compat/pthread.h"
},
"signature_version": "v1"
},
{
"deprecated": false,
"id": "CVE-2019-25049-1c1beeb3",
"signature_type": "Function",
"source": "https://github.com/libressl/portable/commit/17c88164016df821df2dff4b2b1291291ec4f28a",
"digest": {
"length": 82.0,
"function_hash": "244780377053432012148940938620421719693"
},
"target": {
"file": "include/compat/pthread.h",
"function": "pthread_mutex_unlock"
},
"signature_version": "v1"
},
{
"deprecated": false,
"id": "CVE-2019-25049-7b6002ac",
"signature_type": "Function",
"source": "https://github.com/libressl/portable/commit/17c88164016df821df2dff4b2b1291291ec4f28a",
"digest": {
"length": 82.0,
"function_hash": "244780377053432012148940938620421719693"
},
"target": {
"file": "include/compat/pthread.h",
"function": "pthread_mutex_lock"
},
"signature_version": "v1"
},
{
"deprecated": false,
"id": "CVE-2019-25049-da853d25",
"signature_type": "Function",
"source": "https://github.com/libressl/portable/commit/17c88164016df821df2dff4b2b1291291ec4f28a",
"digest": {
"length": 104.0,
"function_hash": "61046846630727700975991710224846621072"
},
"target": {
"file": "include/compat/pthread.h",
"function": "pthread_mutex_init"
},
"signature_version": "v1"
}
]