All vulnerabilities
CVE-2020-28196
Description
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
Severity
Ecosystem
APK
Publish Date
November 6, 2020
Modified Date
December 5, 2025
Score Vector
Affected Versions
