CNNVD-202511-1289 Information

CNNVD ID

CNNVD-202511-1289

Related CVE

CVE-2025-42940

• CNNVD Published: 2025-11-11

Description (Chinese)

SAP CommonCryptoLib是德国思爱普（SAP）公司的一个密码库。 SAP CommonCryptoLib存在缓冲区错误漏洞，该漏洞源于预身份验证期间解析网络中的特制ASN.1数据时未执行必要的边界检查，可能导致内存损坏和应用程序崩溃，严重影响可用性。

Description (English)

SAP CommonCryptolib is a password bank for SAP in Germany. SAP CommonCryptoLib had a buffer zone error loophole, which stemmed from the failure to perform the required border checks when the custom-made ASN.1 data were analysed during pre-identification, which could lead to memory damage and the collapse of applications, seriously affecting usability.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

思爱普

Published

2025-11-11

Last Modified

2026-02-24

References

https://me.sap.com/notes/3633049 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42940

Patch

https://url.sap/sapsecuritypatchday