{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2006-0645","title":"Title"},{"category":"description","text":"Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2006-0645","url":"https://www.suse.com/security/cve/CVE-2006-0645"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 149897 for CVE-2006-0645","url":"https://bugzilla.suse.com/149897"}],"title":"SUSE CVE CVE-2006-0645","tracking":{"current_release_date":"2023-02-15T06:16:12Z","generator":{"date":"2023-02-15T06:16:12Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2006-0645","initial_release_date":"2023-02-15T06:16:12Z","revision_history":[{"date":"2023-02-15T06:16:12Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}}}