A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.

...

ALPINE-CVE-2021-20232

A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences...

UBUNTU-CVE-2020-13777

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3. The earliest affected version is 3.6.4 2018-09-24 because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS...

USN-4233-1 gnutls28 update

As a security improvement, this update marks SHA1 as being untrusted for digital signature operations...

Moderate: Red Hat Security Advisory: gnutls security, bug fix, and enhancement update

An update for gnutls is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

mod_gnutls: Certificate validation error

Background modgnutls is an extension for ​Apache’s httpd. It uses the ​GnuTLS library to provide HTTPS. It supports some protocols and features that modssl does not. Description It was discovered that the authentication hook in modgnutls does not validate client’s certificates even when option...

Debian Security Advisory DSA 3884-1 (gnutls28 - security update)

Hubert Kario discovered that GnuTLS, a library implementing the TLS and SSL protocols, does not properly decode a status response TLS extension, allowing a remote attacker to cause an application using the GnuTLS library to crash denial of service. OpenVAS Vulnerability Test $Id: deb3884.nasl 660...

USN-3309-1 libtasn1-6 vulnerability

Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code...

ALPINE-CVE-2017-6891

Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...

The vulnerability of the GnuTLS library, which allows a hacker to cause a service failure

The vulnerability of the lib/x509/x509ext.c component in the GnuTLS library is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure using a specially crafted CRL distribution point...

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the gnutls library of the OpenSUSE operating system can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

GnuTLS 'gnutls_x509_ext_import_crl_dist_points()' double release vulnerability

GnuTLS is a set of secure communication libraries for implementing SSL, TLS and DTLS protocols. A double-release vulnerability exists in the GnuTLS 'gnutlsx509extimportcrldistpoints' function, which could be exploited by an attacker to submit an ad-hoc request to cause a denial of service, or...

GnuTLS libtasn1 '_asn1_ltostr()' DER Decode Buffer Overflow Vulnerability

GnuTLS is a library of functions for implementing the TLS encryption protocol. GnuTLS libtasn1 versions prior to 4.4 suffer from a stack buffer overflow vulnerability in the implementation of the "asn1ltostr" function lib/parseraux.c, which can be exploited by an attacker to execute arbitrary cod...

USN-2540-1: GnuTLS vulnerabilities

It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. CVE-2014-8155 Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could...

CentOS Update for gnutls CESA-2014:0594 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 : gnutls (ELSA-2014-0595)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0595 advisory. 2.8.5-14 - fix session ID length check 1102024 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

UBUNTU-CVE-2014-3466

Buffer overflow in the readserverhello function in lib/gnutlshandshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service memory corruption or possibly execute arbitrary code via a long session id in a ServerHello message...

SuSE Update for gnutls openSUSE-SU-2014:0325-1 (gnutls)

Check for the Version of gnutls OpenVAS Vulnerability Test $Id: gbsuse201403251.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for gnutls openSUSE-SU-2014:0325-1 gnutls Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program i...

gnutls (critical)

The gnutls library was updated to fix SSL certificate validation. Remote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not. Also the TLS-CBC timing attack vulnerability was fixed...

DEBIAN-CVE-2014-0092

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...