Lucene search
K

112 matches found

RedHat Linux
RedHat Linux
added 6 days ago4 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS6.7AI score0.00638EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago3 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago7 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago4 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS6.7AI score0.00638EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago4 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago4 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS6.7AI score0.00638EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago5 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.6 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in gnutls28

A flaw was discovered in GnuTLS. This vulnerability allows for a denial of service attack through excessive CPU usage and memory consumption, caused by specially crafted malicious certificates that contain a large number of name constraints and Subject Alternative Names SANs...

5.3CVSS6.8AI score0.00638EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.9 views

RHEL 10 : gnutls (RHSA-2026:26409)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26409 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such ...

9.8CVSS6AI score0.01335EPSS
Exploits2References28
NVD
NVD
added 2026/06/11 4:16 p.m.49 views

CVE-2026-9648

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...

9.1CVSS0.00223EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 4:16 p.m.5 views

UBUNTU-CVE-2026-9648

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...

9.1CVSS5.2AI score0.00223EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.8 views

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2026-2244)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via...

5.3CVSS6.7AI score0.00638EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.6 views

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2026-2206)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via...

5.3CVSS6.7AI score0.00638EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.15 views

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2026-1808)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1808 advisory. Permitted name constraints were wrongfully ignored when prior CAs only had excluded name constraints, resulting in a name constraint bypass. The issue was reported in the issue tracker as 1824...

8.2CVSS5.5AI score0.00475EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.7 views

EulerOS Virtualization 2.10.1 : gnutls (EulerOS-SA-2026-2021)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory...

5.3CVSS5.5AI score0.00638EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.10 views

PT-2026-45962

crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints The crypton-x509-validation and crypton-x509 libraries did not enforce the X.509 Name Constraints extension during certificate validation. The Name Constraints extension is a critical X.509 extension that restricts the...

5.9AI score
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/02 10:1 p.m.14 views

CVE-2026-27145

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

7.5CVSS5.9AI score0.00904EPSS
Exploits0
OSV
OSV
added 2026/06/02 9:39 p.m.10 views

GO-2026-5037 Inefficient candidate hostname parsing in crypto/x509

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

7.5CVSS5.9AI score0.00904EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from repeatedly calling strings.Split within loops, causing the validation cost to increa...

7.5CVSS5.3AI score0.00904EPSS
Exploits0References4
Rows per page
Query Builder