CVE-2025-0343: 
Swift vulnerability analysis and mitigation

Swift ASN.1 library contains a vulnerability (CVE-2025-0343) discovered in January 2025 that can cause crashes when parsing certain BER/DER constructions. The vulnerability stems from a confusion in the ASN.1 library's handling of constructed or primitive forms of objects, where the library incorrectly assumes certain constraints without proper enforcement during early node parsing (Swift Advisory).

The vulnerability occurs when parsing BER/DER format objects, where the library assumes certain objects can only be provided in either constructed or primitive forms. While these constraints are required to be true in DER, the correctness wasn't enforced during early node parsing, leading to incorrect reliance during decoding. When triggered, the issue results in a preconditionFailure in the Swift runtime (Swift Advisory). The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

The primary impact of this vulnerability is its potential use as a denial-of-service vector when parsing BER/DER data from unknown sources, such as when parsing TLS certificates. While the crash is described as 'graceful' through the Swift runtime and does not present memory-safety issues, it can effectively disrupt service operations (Swift Advisory).

The vulnerability has been patched in version 1.3.1 of the Swift ASN.1 library. Users are advised to upgrade to this version or later to address the issue (Swift Advisory).