Filtered by vendor Gnu
Subscriptions
Filtered by product Gnutls
Subscriptions
Total
66 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-5336 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2024-11-21 | N/A |
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. | ||||
CVE-2017-5335 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2024-11-21 | N/A |
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | ||||
CVE-2017-5334 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2024-11-21 | N/A |
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. | ||||
CVE-2016-7444 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-11-21 | N/A |
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. | ||||
CVE-2016-4456 | 1 Gnu | 1 Gnutls | 2024-11-21 | 7.5 High |
The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. | ||||
CVE-2015-8313 | 2 Debian, Gnu | 2 Debian Linux, Gnutls | 2024-11-21 | 5.9 Medium |
GnuTLS incorrectly validates the first byte of padding in CBC modes | ||||
CVE-2015-6251 | 2 Debian, Gnu | 2 Debian Linux, Gnutls | 2024-11-21 | N/A |
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. | ||||
CVE-2015-3308 | 2 Canonical, Gnu | 2 Ubuntu Linux, Gnutls | 2024-11-21 | N/A |
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. | ||||
CVE-2015-0294 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Gnutls, Enterprise Linux | 2024-11-21 | 7.5 High |
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. | ||||
CVE-2015-0282 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-11-21 | N/A |
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | ||||
CVE-2014-8564 | 4 Canonical, Gnu, Opensuse and 1 more | 8 Ubuntu Linux, Gnutls, Opensuse and 5 more | 2024-11-21 | N/A |
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs. | ||||
CVE-2014-8155 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-11-21 | N/A |
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid. | ||||
CVE-2014-3469 | 4 Debian, Gnu, Redhat and 1 more | 15 Debian Linux, Gnutls, Libtasn1 and 12 more | 2024-11-21 | N/A |
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. | ||||
CVE-2014-3468 | 5 Debian, F5, Gnu and 2 more | 17 Debian Linux, Arx, Arx Firmware and 14 more | 2024-11-21 | N/A |
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. | ||||
CVE-2014-3467 | 5 Debian, F5, Gnu and 2 more | 17 Debian Linux, Arx, Arx Firmware and 14 more | 2024-11-21 | N/A |
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. | ||||
CVE-2014-3466 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-11-21 | N/A |
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. | ||||
CVE-2014-3465 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-11-21 | N/A |
The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. | ||||
CVE-2014-1959 | 1 Gnu | 1 Gnutls | 2024-11-21 | N/A |
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. | ||||
CVE-2014-0092 | 2 Gnu, Redhat | 5 Gnutls, Enterprise Linux, Rhel Els and 2 more | 2024-11-21 | N/A |
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | ||||
CVE-2013-4487 | 2 Gnu, Opensuse | 2 Gnutls, Opensuse | 2024-11-21 | N/A |
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466. |