Gnu

Gnutls

68 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2

CVE-2025-32990

  • EPSS 0.1%
  • Published 10.07.2025 09:41:46
  • Last modified 06.10.2025 12:15:33

A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL point...

5.3

CVE-2025-32989

  • EPSS 0.03%
  • Published 10.07.2025 08:05:26
  • Last modified 06.10.2025 12:15:33

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate cont...

8.2

CVE-2025-32988

  • EPSS 0.1%
  • Published 10.07.2025 08:04:57
  • Last modified 06.10.2025 12:15:33

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS wil...

7.5

CVE-2024-0567

Exploit
  • EPSS 1.3%
  • Published 16.01.2024 14:15:48
  • Last modified 21.11.2024 08:46:53

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, r...

7.5

CVE-2024-0553

Exploit
  • EPSS 1.03%
  • Published 16.01.2024 12:15:45
  • Last modified 21.11.2024 08:46:51

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing s...

5.9

CVE-2023-5981

  • EPSS 0.56%
  • Published 28.11.2023 12:15:07
  • Last modified 21.11.2024 08:42:54

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

7.4

CVE-2023-0361

Exploit
  • EPSS 1.2%
  • Published 15.02.2023 18:15:11
  • Last modified 19.03.2025 18:15:18

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a s...

6.5

CVE-2021-4209

  • EPSS 0.17%
  • Published 24.08.2022 16:15:09
  • Last modified 21.11.2024 06:37:09

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances...

7.5

CVE-2022-2509

  • EPSS 0.91%
  • Published 01.08.2022 14:15:09
  • Last modified 21.11.2024 07:01:08

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.

9.8

CVE-2021-20232

  • EPSS 0.84%
  • Published 12.03.2021 19:15:13
  • Last modified 21.11.2024 05:46:10

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.