Astra Linux - уязвимость в gnutls28

A vulnerability was discovered in GnuTLS. The response times to malformed ciphertexts in the RSA-PSK ClientKeyExchange differ from those of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack during the RSA-PSK key exchange,...

CVE-2026-2645

In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 wolfSSL 5.8.2 and earlier is...

EUVD-2026-13135

In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 wolfSSL 5.8.2 and earlier is...

CVE-2026-2645

In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 wolfSSL 5.8.2 and earlier is...

CVE-2026-2645

CVE-2026-2645 concerns wolfSSL’s TLS 1.2 server state machine: in 5.8.2 and earlier a logic flaw could allow accepting a CertificateVerify before ClientKeyExchange. The issue affects wolfSSL versions before 5.8.4; 5.8.4 detects the problem later in the handshake, while 5.9.0 hardened to catch it ...

CVE-2026-2645

In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 wolfSSL 5.8.2 and earlier is...

PT-2026-26321

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 5.8.4 Description A flaw existed in the TLS 1.2 server state machine implementation where the server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message was received. This issue...

EUVD-2015-0549

Malware in sbrugna...

EUVD-2023-12422

Malicious code in bioql PyPI...

EUVD-2023-58248

Malicious code in bioql PyPI...

Alibaba Cloud Linux 3 : 0035: gnutls (ALINUX3-SA-2023:0035)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0361: A timing side-channel in the handlin...

Alibaba Cloud Linux 3 : 0019: gnutls (ALINUX3-SA-2024:0019)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0019 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-5981: A vulnerability was found that the...

CBL Mariner 2.0 Security Update: gnutls (CVE-2023-5981)

The version of gnutls installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5981 advisory. - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange diffe...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2653)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : gnutls (EulerOS-SA-2024-2467)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of...

RHEL 7 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification and padding oracle verificati...

EulerOS Virtualization 2.10.1 : gnutls (EulerOS-SA-2024-1545)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response time...

EulerOS 2.0 SP9 : gnutls (EulerOS-SA-2024-1507)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertext...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1507)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : gnutls (EulerOS-SA-2024-1486)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertext...