CVE-2013-7098

OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection...

CVE-2013-7098

OpenConnect VPN client with GnuTLS before 5.02 is vulnerable to a heap overflow when MTU is increased on reconnection. Affected component: OpenConnect/GnuTLS stack prior to 5.02. Root cause: heap overflow due to MTU handling on reconnect. Impact is high in affected deployments per CVSS data. Reme...

USN-4233-2: GnuTLS update | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the...

USN-4233-1: GnuTLS update | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description As a security improvement, this update marks SHA1 as being untrusted for digital signature operations. Affected Cloud Foundry Products and Versions Severity is unknown unless...

gnutls:gnutls_pkcs12_key_parser_fuzzer: Global-buffer-overflow in _nettle_sec_tabselect

Project: https://gitlab.com/gnutls/gnutls.git Detailed Report: https://oss-fuzz.com/testcase?key=5143428189126656 Project: gnutls Fuzzing Engine: libFuzzer Fuzz Target: gnutlspkcs12keyparserfuzzer Job Type: libfuzzerasangnutls Platform Id: linux Crash Type: Global-buffer-overflow READ 8 Crash...

DEBIAN-CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

Code injection

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

CVE-2015-0294

The CVE-2015-0294 entry concerns GnuTLS before 3.3.13, where the library does not validate that the signature algorithms match when importing a certificate. The vulnerability is documented in multiple connected sources (e.g., MiracleLinux AXSA advisory referencing CVE-2015-0294 and vendor advisor...

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

The vulnerability of the GnuTLS cryptographic library, related to access to an uninitialized pointer, allows a hacker to cause a service failure.

The vulnerability of the GnuTLS cryptographic library relates to access to an uninitialized pointer. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures when receiving asynchronous messages...

Ubuntu: Security Advisory (USN-4233-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS : GnuTLS update (USN-4233-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4233-2 advisory. USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be ...

USN-4233-2: GnuTLS update

USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFYALLOWBROKEN and %VERIFYALLOWSIGNWITHSHA1 priority strings that can be used to temporarily re-enable SHA1 until...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1112)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1272)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-2432)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1292)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...