CLSA-2025-1762192914 gnutls: Fix of CVE-2025-6395

CVE-2025-6395: fix NULL pointer dereference flaw in gnutlsfigurecommonciphersuite...

CLSA-2025-1762192315 gnutls: Fix of CVE-2025-6395

CVE-2025-6395: fix NULL pointer dereference flaw in gnutlsfigurecommonciphersuite...

Astra Linux - уязвимость в gnutls28

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

curl: curl built with GnuTLS backend defaults to weak crypto parameters

Summary: Curl configured with GnuTLS backend --with-gnutls defaults using "NORMAL" as the base level of the library cryptographic security. From GnuTLS documentation: The message authenticity security level is of 64 bits or more, and the certificate verification profile is set to GNUTLSPROFILELOW...

OESA-2025-2610 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

CLSA-2025-1761844351 gnutls: Fix of CVE-2025-6395

CVE-2025-6395: fix NULL pointer dereference in gnutlsfigurecommonciphersuite...

Siemens SIMATIC Devices Observable Discrepancy (CVE-2024-0553)

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange,...

Security Bulletin: Allocation of resources without limits, heap-buffer-overread, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency service is vulnerable to allocation of resources without limits, heap-buffer-overread, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability...

Fedora: Security Advisory (FEDORA-2025-246cd08b09)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2025-3040

Software: gnutls 3.6.16 OS: ROSA Virtualization 2.1 unaffected versions = gnutls-3.6.16-8.0.1.rv3.4 affected versions gnutls-3.6.16-8.0.1.1.rv3.4 CVE-ID: CVE-2024-12243 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in GnuTLS when processing ASN.1 data via libtasn1 could result in...

EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2291)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-2291)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2259)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-2259)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TencentOS Server 3: gnutls (TSSA-2025:0814)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0814 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0163: gnutls (ALINUX3-SA-2025:0163)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0163 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-32988: A flaw was found in GnuTLS...

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing

GNU TLS is vulnerable to a denial-of-service DoS due to inefficient certificate processing in the libtasn1 library. An attacker could present a maliciously crafted certificate that contains a large amount of subject alternative name or name constraint inputs, potentially leading to excessive...

AlmaLinux 8 : gnutls (ALSA-2025:17415)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17415 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS otherName SAN export CVE-2025-32988 gnutls: NULL...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-2194)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-2226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...