PT-2025-3838 · Apple · Swift Asn.1

Baarde · Published 2025-01-14 · Updated 2025-01-15 · CVE-2025-0343

CVSS v3.1

7.5 High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Swift ASN.1 (affected versions not specified)

Description

The issue is caused by a confusion in the ASN.1 library, which assumes that certain objects can only be provided in either constructed or primitive forms. This can trigger a preconditionFailure if the constraint is not met. The impact of this is that it can be used as a denial-of-service vector when parsing BER/DER data from unknown sources, such as when parsing TLS certificates. There is no memory-safety issue, and the crash is a graceful one from the Swift runtime.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
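
The failure mode in the description, as an added example (not Swift ASN.1's own code; every type and function name is hypothetical): a minimal DER header check in which a constructed/primitive mismatch is returned as a thrown error instead of being enforced with a precondition, so input from an unknown source cannot terminate the process. It assumes universal-class tags with short-form lengths only, and the sample inputs are constructed.

```swift
// Added example, not swift-asn1 code; every name below is hypothetical.
enum DERError: Error, Equatable {
    case truncated
    case unsupportedIdentifier(UInt8)
    case unsupportedLength
    case unexpectedForm(tag: UInt8, constructed: Bool)
}

struct Node: Equatable {
    let tag: UInt8         // universal tag number (low 5 bits of the identifier)
    let constructed: Bool  // bit 6 of the identifier octet
    let content: [UInt8]
}

// Form that DER fixes per universal tag: true = constructed, false = primitive.
let requiredForm: [UInt8: Bool] = [
    0x01: false, 0x02: false, 0x03: false,  // BOOLEAN, INTEGER, BIT STRING
    0x04: false, 0x05: false, 0x06: false,  // OCTET STRING, NULL, OBJECT IDENTIFIER
    0x10: true, 0x11: true,                 // SEQUENCE, SET
]

func parseNode(_ bytes: [UInt8]) throws -> Node {
    guard bytes.count >= 2 else { throw DERError.truncated }
    let identifier = bytes[0]
    let tag = identifier & 0x1F
    // This sketch accepts only universal-class, low-tag-number identifiers.
    guard (identifier & 0xC0) == 0, tag != 0x1F else {
        throw DERError.unsupportedIdentifier(identifier)
    }
    let constructed = (identifier & 0x20) != 0
    let length = Int(bytes[1])  // short-form lengths (< 128) only
    guard length < 0x80 else { throw DERError.unsupportedLength }
    guard bytes.count >= 2 + length else { throw DERError.truncated }
    // The form bit comes from the sender, so a mismatch is a parse error;
    // enforcing it with preconditionFailure would terminate the process.
    if let mustBeConstructed = requiredForm[tag], mustBeConstructed != constructed {
        throw DERError.unexpectedForm(tag: tag, constructed: constructed)
    }
    return Node(tag: tag, constructed: constructed, content: Array(bytes[2..<(2 + length)]))
}

// Constructed sample inputs.
let wellFormed: [UInt8] = [0x30, 0x03, 0x02, 0x01, 0x05]  // SEQUENCE { INTEGER 5 }
let confused: [UInt8] = [0x10, 0x03, 0x02, 0x01, 0x05]    // SEQUENCE tag, primitive form
for input in [wellFormed, confused] {
    do {
        let node = try parseNode(input)
        print("accepted:", node)
    } catch { print("rejected:", error) }
}
```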

DoS

Weakness Enumeration

Related Identifiers

CVE-2025-0343
GHSA-W8XV-RWGF-4FWH

Affected Products

Swift Asn.1