Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS0zbTZmLTNnZmctNHg1Ns4AArs5
Panic on incorrect date input to `simple_asn1`
Version 0.6.0 of the simple_asn1 crate panics on certain malformed
inputs to its parsing functions, including from_der and der_decode.
Because this crate is frequently used with inputs from the network, this
should be considered a security vulnerability.
The issue occurs when parsing the old ASN.1 "UTCTime" time format. If an
attacker provides a UTCTime where the first character is ASCII but the
second character is above 0x7f, a string slice operation in the
from_der_ function will try to slice into the middle of a UTF-8
character, and cause a panic.
This error was introduced in commit
d7d39d709577710e9dc8,
which updated simple_asn1 to use time instead of chrono because of
RUSTSEC-2020-159.
Versions of simple_asn1 before 0.6.0 are not affected by this issue.
The patch was applied in
simple_asn1 version 0.6.1.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0zbTZmLTNnZmctNHg1Ns4AArs5
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 11 months ago
Identifiers: GHSA-3m6f-3gfg-4x56
References:
- https://github.com/acw/simple_asn1/issues/27
- https://rustsec.org/advisories/RUSTSEC-2021-0125.html
- https://github.com/acw/simple_asn1/commit/d7d39d709577710e9dc8833ee57d200eef366db8
- https://github.com/advisories/GHSA-3m6f-3gfg-4x56
Blast Radius: 0.0
Affected Packages
cargo:simple_asn1
Dependent packages: 32Dependent repositories: 3,224
Downloads: 19,060,963 total
Affected Version Ranges: = 0.6.0
Fixed in: 0.6.1
All affected versions: 0.6.0
All unaffected versions: 0.1.0, 0.2.0, 0.2.1, 0.3.0, 0.3.1, 0.4.0, 0.4.1, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.6.1, 0.6.2