CVE-2017-7869
- EPSS 2.84%
- Veröffentlicht 14.04.2017 04:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is ...
CVE-2017-5337
- EPSS 6.18%
- Veröffentlicht 24.03.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
CVE-2017-5336
- EPSS 7.07%
- Veröffentlicht 24.03.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
CVE-2017-5335
- EPSS 8.01%
- Veröffentlicht 24.03.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
CVE-2017-5334
- EPSS 32.75%
- Veröffentlicht 24.03.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Cert...
CVE-2016-7444
- EPSS 2.44%
- Veröffentlicht 27.09.2016 15:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism...
CVE-2015-3308
- EPSS 3.92%
- Veröffentlicht 02.09.2015 14:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
- EPSS 19.03%
- Veröffentlicht 24.08.2015 14:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
CVE-2014-8155
- EPSS 1.05%
- Veröffentlicht 14.08.2015 18:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid.
- EPSS 1.4%
- Veröffentlicht 24.03.2015 17:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.