Product:

Gnutls

(Gnu)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 65
Date Id Summary Products Score Patch Annotated
2017-08-08 CVE-2016-4456 The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. Gnutls N/A
2020-01-27 CVE-2015-0294 GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. Debian_linux, Gnutls, Enterprise_linux N/A
2019-12-20 CVE-2015-8313 GnuTLS incorrectly validates the first byte of padding in CBC modes Debian_linux, Gnutls N/A
2017-04-14 CVE-2017-7869 GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. Gnutls 7.5
2017-06-16 CVE-2017-7507 GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. Gnutls 7.5
2017-03-24 CVE-2017-5337 Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. Gnutls, Leap 9.8
2017-03-24 CVE-2017-5336 Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. Gnutls, Leap 9.8
2017-03-24 CVE-2017-5335 The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. Gnutls, Leap 7.5
2017-03-24 CVE-2017-5334 Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. Gnutls, Leap 9.8
2016-09-27 CVE-2016-7444 The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. Gnutls 7.5