17 matches found
Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak
Summary Multiple vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address the vulnerabilites. Vulnerability Details...
ROOT-OS-ALPINE-322-CVE-2025-32989 CVE-2025-32989 in rootio-gnutls - Patched by Root
Root has patched CVE-2025-32989 in the rootio-gnutls package for Root:Alpine:3.22. Multiple fixed versions available...
CVE-2025-32989
creationtimestamp| type| source ---|---|--- 2026-01-21 21:18:16+00:00| seen| https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875 2026-03-10 17:00:08+00:00| seen| https://t.me/truesecator/7979 2026-06-30 01:42:23+00:00| seen|...
Security Bulletin: Vulnerabilities in gnutls affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products
Summary Vulnerabilities in gnutls affect IBM Storage Virtualize products and could cause denial of service, confidentiality and integrity impacts. CVE-2025-32988 CVE-2025-32989. Vulnerability Details CVEID:CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability exists ...
Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2025-32989)
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
AlmaLinux 10 : gnutls (ALSA-2025:16115)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:16115 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension parsing CVE-2025-32989 gnutls:...
gnutls security, bug fix, and enhancement update
3.8.3-6.2 - keyupdate: rework the rekeying logic RHEL-107498 3.8.3-6.1 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395...
SUSE: Security Advisory (SUSE-SU-2025:02589-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: gnutls / libgnutls-devel / libgnutls-devel-32bit / libgnutls30 / etc (SUSE-SU-2025:02595-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02595-1 advisory. - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 -...
SUSE SLES15: gnutls / gnutls-guile / libgnutls-devel / libgnutls30 / etc (SUSE-SU-2025:02589-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02589-1 advisory. - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 - CVE-2025-32988: Fix double-free due to...
CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4
CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4. A patched version of the package is available...
Azure Linux 3.0 Security Update: gnutls (CVE-2025-32989)
The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32989 advisory. - A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT...
CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-5
CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-5. A patched version of the package is available...
Slackware: Security Advisory (SSA:2025-191-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-32989
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
CVE-2025-32989
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
GnuTLS -- multiple vulnerabilities
Daiki Ueno reports: libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. GNUTLS-SA-2025-07-07-1, CVSS: medium CVE-2025-32989 libgnutls: Fix double-free upon error when...