An issue exists in the asn1_der crate prior to 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field.
asn1 der project asn1 der