CVE-2021-46848

GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder...

ALSA-2022:7105 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Double free during gnutlspkcs7verify. CVE-2022-2509 For more details about the security issues, including the...

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Double free during gnutlspkcs7verify. CVE-2022-2509 For more details about the security issues, including the...

AlmaLinux 8 : gnutls (ALSA-2022:7105)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7105 advisory. - A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutlspkcs7verify...

GNU Libtasn1 缓冲区错误漏洞

Libtasn1 is an ASN.1 library used by GnuTLS, p11-kit, and several other packages in the US GNU community. A buffer error vulnerability exists in GNU Libtasn1 versions prior to 4.19.0, which stems from its ETYPEOK array size check affecting asn1encodesimpleder...

Information Disclosure

samba is vulnerable to information disclosure. A local authenticated attacker is able to gain access to confidential information, because GnuTLS gnutlsrnd may fail and give predictable random values...

CVE-2021-4209 affecting package gnutls 3.6.14-6

CVE-2021-4209 affecting package gnutls 3.6.14-6. A patched version of the package is available...

Oracle Linux 9 : gnutls / and / nettle (ELSA-2022-6854)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-6854 advisory. gnutls 3.7.6-12 - fips: mark PBKDF2 with short key and output sizes non-approved - fips: only mark HMAC as approved in PBKDF2 - fips: mark gnutlskeygenerate wit...

Moderate: Red Hat Security Advisory: gnutls and nettle security, bug fix, and enhancement update

An update for gnutls and nettle is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

gnutls: Double free during gnutls_pkcs7_verify

A vulnerability was found in gnutls. This issue is due to a double-free error that occurs during the verification of pkcs7 signatures in the gnutlspkcs7verify function...

gnutls and nettle security, bug fix, and enhancement update

An update is available for nettle, gnutls. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnutls packages provide the GNU Transport Layer Security GnuTLS...

gnutls and nettle security, bug fix, and enhancement update

gnutls 3.7.6-12 - fips: mark PBKDF2 with short key and output sizes non-approved - fips: only mark HMAC as approved in PBKDF2 - fips: mark gnutlskeygenerate with short key sizes non-approved - fips: fix checking on hash algorithm used in ECDSA - fips: preserve operation context around FIPS...

Moderate: gnutls and nettle security, bug fix, and enhancement update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages...

ALSA-2022:6854 Moderate: gnutls and nettle security, bug fix, and enhancement update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages...

RHEL 9 : gnutls and nettle (RHSA-2022:6854)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6854 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2022-2461)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : gnutls (EulerOS-SA-2022-2461)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in...

USN-5587-1: curl vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Axel Chong discovered that when curl accepted and sent back cookies containing control bytes that a HTTPS server might return a 400 Bad Request Error response. A malicious cookie host...

Security Bulletin: IBM Platform Cluster Manager – Standard Edition (CVE-2014-0092, CVE-2009-5138)

Abstract Security vulnerability has been reported against GnuTLS where a remote attacker could be allowed to bypass security restrictions, providing them with access to the system. A version of GnuTLS that is vulnerable to the issue is included in past versions of IBM Platform Cluster Manager –...

SUSE SLES12 Security Update : samba (SUSE-SU-2022:3270-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3270-1 advisory. - In Samba, GnuTLS gnutlsrnd can fail and give predictable random values. CVE-2022-1615 Note that Nessus has not tested for this issue but h...