13 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.4 bug fix and security update
Red Hat OpenShift Container Platform release 4.22.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...
RHEL 8 : gnutls (RHSA-2026:20611)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20611 advisory. Please update the gnutls packages to provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and...
Debian dla-4595 : gnutls-bin - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4595 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4595-1 [email protected]...
Photon OS 5.0: Gnutls PHSA-2026-5.0-0852
An update of the gnutls package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0852. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
OESA-2026-2403 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...
CLSA-2026-1779183792 gnutls: Fix of CVE-2026-42010
CVE-2026-42010: server-side RSA-PSK authentication bypass via NUL-byte truncation of binary PSK identities in gnutlsprocrsapskclientkx...
CLSA-2026-1778934026 Fix CVE(s): CVE-2026-42010
SECURITY UPDATE: Authentication bypass via NUL-byte truncation in RSA-PSK username lookup - debian/patches/CVE-2026-42010.patch: replace strleninfo-username with info-usernamelen in gnutlsprocrsapskclientkx in lib/auth/rsapsk.c to prevent NUL-byte truncation allowing username matching with...
ROOT-OS-DEBIAN-13-CVE-2026-42010 CVE-2026-42010 in rootio-gnutls28 - Patched by Root
Root has patched CVE-2026-42010 in the rootio-gnutls28 package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-42010 CVE-2026-42010 in rootio-gnutls28 - Patched by Root
Root has patched CVE-2026-42010 in the rootio-gnutls28 package for Root:Debian:12. Multiple fixed versions available...
CVE-2026-42010
creationtimestamp| type| source ---|---|--- 2026-05-07 14:09:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlbfe63k462q 2026-06-29 23:40:36+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphny4mdks27 2026-06-29 23:41:51+00:00| seen|...
UBUNTU-CVE-2026-42010
A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...
SUSE CVE-2026-42010
A flaw was found in gnutls. Servers configured with RSA-PSK Rivest-Shamir-Adleman - Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...
Linux Distros Unpatched Vulnerability : CVE-2026-42010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in gnutls. Servers configured with RSA-PSK RivestShamirAdleman Pre-Shared Key wrongfully matched usernames containing a NUL character with...