Medium: gnutls

🗓️ 03 May 2024 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 3 Views

GnuTLS has security flaws causing cryptographic vulnerabilities and crashes with specific commands.

Reporter	Title	Published	Views	Family All 226
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to glibc, Golang Go , Apache HTTP, IBM GSKit-Crypto and GnuTLS packages/liberaries .	22 May 202409:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM webMethods API Management	25 Apr 202510:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the RHEL UBI (CVE-2024-28834)	27 Jun 202519:45	–	ibm
IBM Security Bulletins	Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to denial of service, buffer overflow and allow a local authenticated attacker to gain elevated privileges	15 Apr 202502:36	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM webMethods Managed File Transfer	25 Apr 202510:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1	30 Sep 202416:04	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.	16 Jul 202412:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities	15 Apr 202502:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.	3 Aug 202400:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	20 Jun 202420:39	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	gnutls-c++-debuginfo	3.8.0-380.amzn2023.0.6	gnutls-c++-debuginfo-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-utils-debuginfo	3.8.0-380.amzn2023.0.6	gnutls-utils-debuginfo-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-dane-debuginfo	3.8.0-380.amzn2023.0.6	gnutls-dane-debuginfo-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-debuginfo	3.8.0-380.amzn2023.0.6	gnutls-debuginfo-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-dane	3.8.0-380.amzn2023.0.6	gnutls-dane-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-debugsource	3.8.0-380.amzn2023.0.6	gnutls-debugsource-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-c++	3.8.0-380.amzn2023.0.6	gnutls-c++-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-utils	3.8.0-380.amzn2023.0.6	gnutls-utils-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls	3.8.0-380.amzn2023.0.6	gnutls-3.8.0-380.amzn2023.0.6.aarch64.rpm
Amazon Linux	2	aarch64	gnutls-devel	3.8.0-380.amzn2023.0.6	gnutls-devel-3.8.0-380.amzn2023.0.6.aarch64.rpm

03 May 2024 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 3.15.3

EPSS0.02116

SSVC

gnutls security flaws minerva attack deterministic behavior application crash timing side-channel update command