4444 matches found

Rockylinux
added 2026/05/21 4:27 p.m., 7 views

gnutls bug fix and enhancement update

An update is available for gnutls. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linux 9.4...

AI score: 5.8
Exploits: 0
Hacker One
added 2026/05/21 7:5 a.m., 17 views

curl: curl GnuTLS backend accepts a clientAuth-only certificate for HTTPS server authentication

Summary: When curl/libcurl is built with the GnuTLS backend, the current HTTPS server-certificate validation path verifies the trust chain and hostname but does not enforce TLS server Extended Key Usage semantics. As a result, a leaf certificate that chains to a trusted CA, matches the requested...

AI score: 5.9
Exploits: 0
Tenable Nessus
added 2026/05/21 12:0 a.m., 8 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : GnuTLS vulnerabilities (USN-8284-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8284-1 advisory. Joshua Rogers discovered that GnuTLS did not properly handle malformed DTLS handshake fragments in certain cases. A remot...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00486
Exploits: 2, References: 14
Tenable Nessus
added 2026/05/21 12:0 a.m., 9 views

Photon OS 4.0: Gnutls PHSA-2026-4.0-1016

An update of the gnutls package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1016. The text itself is copyright (C) VMware, Inc. ...

CVSS: 9.8, AI score: 5.7, EPSS: 0.00129
Exploits: 1, References: 6
OSV
added 2026/05/20 12:57 p.m., 2 views

USN-8284-1 gnutls28 vulnerabilities

Joshua Rogers discovered that GnuTLS did not properly handle malformed DTLS handshake fragments in certain cases. A remote attacker could possibly use this issue to obtain sensitive information, or cause a denial of service. CVE-2026-33845 Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered th...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00486
Exploits: 2, References: 14
Ubuntu
added 2026/05/20 12:57 p.m., 9 views

USN-8284-1: GnuTLS vulnerabilities

Joshua Rogers discovered that GnuTLS did not properly handle malformed DTLS handshake fragments in certain cases. A remote attacker could possibly use this issue to obtain sensitive information, or cause a denial of service. CVE-2026-33845 Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered th...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00486
Exploits: 2
AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in gnutls28

A flaw was discovered in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a speciall...

CVSS: 5.3, AI score: 6.8, EPSS: 0.01227
Exploits: 0, References: 2
Debian
added 2026/05/19 8:43 p.m., 16 views

[SECURITY] [DSA 6281-1] gnutls28 security update

Debian Security Advisory DSA-6281-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 19, 2026 https://www.debian.org/security/faq ...

CVSS: 9.8, AI score: 6, EPSS: 0.00486
Exploits: 2
GithubExploit
added 2026/05/19 4:26 p.m., 138 views

Exploit for CVE-2026-45185

CVE-2026-45185 Nuclei Template Validation Lab This repository...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00087
Exploits: 2
OSV
added 2026/05/19 3:10 p.m., 2 views

CLSA-2026-1779203444 gnutls: Fix of CVE-2026-33845

CVE-2026-33845: fix integer underflow and remote heap overrun in DTLS handshake reassembly by tracking startoffset and fraglength instead of an inclusive startoffset, endoffset range...

CVSS: 9.1, AI score: 5.8, EPSS: 0.001
Exploits: 0, References: 1
OSV
added 2026/05/19 9:43 a.m., 2 views

CLSA-2026-1779183792 gnutls: Fix of CVE-2026-42010

CVE-2026-42010: server-side RSA-PSK authentication bypass via NUL-byte truncation of binary PSK identities in _gnutls_proc_rsa_psk_client_kx...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00125
Exploits: 0, References: 1
OSV
added 2026/05/19 12:50 a.m., 3 views

CLSA-2026-1779107085 gnutls: Fix of CVE-2026-3833

CVE-2026-3833: fix nameConstraints dNSName/rfc822Name case-sensitive memcmp bypass...

CVSS: 7.4, AI score: 5.8, EPSS: 0.00129
Exploits: 1, References: 1
OSV
added 2026/05/19 12:47 a.m., 3 views

CLSA-2026-1779120390 gnutls: Fix of CVE-2026-3833

CVE-2026-3833: fix excludedSubtrees/permittedSubtrees bypass by performing case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing...

CVSS: 7.4, AI score: 5.8, EPSS: 0.00129
Exploits: 1, References: 1
OSV
added 2026/05/19 12:45 a.m., 3 views

CLSA-2026-1779120347 gnutls: Fix of CVE-2026-3833

CVE-2026-3833: fix nameConstraints dNSName/rfc822Name case-sensitive memcmp bypass...

CVSS: 7.4, AI score: 5.8, EPSS: 0.00129
Exploits: 1, References: 1
Tenable Nessus
added 2026/05/19 12:0 a.m., 7 views

Debian dsa-6281 : gnutls-bin - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6281 advisory. Debian Security Advisory DSA-6281-1 [email protected]...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00486
Exploits: 2, References: 29
CBLMariner
added 2026/05/18 8:36 p.m., 5 views

CVE-2026-33845 affecting package gnutls for versions less than 3.8.3-9

CVE-2026-33845 affecting package gnutls for versions less than 3.8.3-9. A patched version of the package is available...

CVSS: 9.1, AI score: 5.8, EPSS: 0.001
Exploits: 0
Snyk
added 2026/05/18 3:48 p.m., 2 views

Undefined Behavior for Input to API

Overview: Affected versions of this package are vulnerable to Undefined Behavior for Input to API in the comparator function responsible for ordering Datagram Transport Layer Security (DTLS) packets by sequence numbers. An attacker can cause unstable packet ordering or undefined behavior by sending...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00486
Exploits: 0, References: 2
NVD
added 2026/05/18 1:16 p.m., 9 views

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

CVSS: 7.5, EPSS: 0.00486
Exploits: 0, References: 6
Vulnrichment
added 2026/05/18 12:44 p.m., 4 views

CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00486
Exploits: 0, References: 6
CVE
added 2026/05/18 12:44 p.m., 15 views

CVE-2026-42009

CVE-2026-42009 affects the GnuTLS library, where DTLS packet reordering uses a comparator that mishandles duplicate sequence numbers. This can cause unstable DTLS packet ordering or undefined behavior, leading to a denial of service. The vulnerability is described consistently across NVD entries ...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00486
Exploits: 0, References: 6