CVE-2026-27452

ASN.1 TypeScript Library: Decoding an INTEGER could leak the underlying ArrayBuffer

Description

ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER). In versions 11.0.5 and below, in some cases, decoding an INTEGER could leak the underlying ArrayBuffer. This issue is expected to be fixed in version 11.0.6.

INFO

Published Date :

2026-02-21T06:50:35.877Z

Last Modified :

2026-02-21T06:50:35.877Z

Source :

GitHub_M

AFFECTED PRODUCTS

The following products are affected by CVE-2026-27452 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-27452.

URL	Resource
https://github.com/JonathanWilbur/asn1-ts/security/advisories/GHSA-h5rw-vxjr-8q79

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability