CVE-2017-5337
- EPSS 3.73%
- Published 24.03.2017 15:59:00
- Last modified 13.05.2026 00:24:29
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
CVE-2017-5336
- EPSS 3.95%
- Published 24.03.2017 15:59:00
- Last modified 13.05.2026 00:24:29
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
CVE-2017-5335
- EPSS 2.67%
- Published 24.03.2017 15:59:00
- Last modified 13.05.2026 00:24:29
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
CVE-2017-5334
- EPSS 5.59%
- Published 24.03.2017 15:59:00
- Last modified 13.05.2026 00:24:29
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Cert...
CVE-2016-7444
- EPSS 1.02%
- Published 27.09.2016 15:59:12
- Last modified 06.05.2026 22:30:45
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism...
CVE-2015-3308
- EPSS 1.39%
- Published 02.09.2015 14:59:01
- Last modified 06.05.2026 22:30:45
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
- EPSS 6.69%
- Published 24.08.2015 14:59:10
- Last modified 06.05.2026 22:30:45
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
CVE-2014-8155
- EPSS 0.29%
- Published 14.08.2015 18:59:01
- Last modified 06.05.2026 22:30:45
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid.
- EPSS 0.2%
- Published 24.03.2015 17:59:04
- Last modified 06.05.2026 22:30:45
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
- EPSS 0.7%
- Published 13.11.2014 21:32:13
- Last modified 06.05.2026 22:30:45
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptograp...