View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-6891 severity moderate: SUSE including 40 source package names (24.4:libtasn1-4.9-3.10.1, 24.4:libtasn1-6-4.9-3.10.1, …), 244 product×package rows across 66 product lines (Container caasp/v4/nginx-ingress-controller, Container suse/ltss/sle12.5/sles12sp5, … (66 product lines)): Known Not Affected 129, Fixed 115.
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.