PT-2025-29040

Name of the Vulnerable Software and Affected Versions GnuTLS versions prior to 3.7.9-2+deb12u5 GnuTLS versions prior to 3.8.10-alt1 GnuTLS versions prior to 3.6.16-alt8 Description The GnuTLS library contains a flaw due to incorrect ownership handling in the export logic of Subject Alternative Na...

GnuTLS -- multiple vulnerabilities

Daiki Ueno reports: libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. GNUTLS-SA-2025-07-07-1, CVSS: medium CVE-2025-32989 libgnutls: Fix double-free upon error when...

PT-2025-29106

Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: A flaw exists in GnuTLS within the gnutls figure common ciphersuite function. Reading specific settings from a template file can lead to an out-of-bounds NULL pointer write, causing memory...

PT-2025-29077

Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: A heap-buffer-overflow flaw exists in the template parsing logic within the certtool utility. The issue occurs when reading certain settings from a template file, potentially leading to an...

Security Bulletin: Multiple vulnerabilities found in IBM TXSeries for Multiplatforms.

Summary IBM TXSeries for Multiplatforms has been updated in order to address multiple vulnerabilities CVE-2024-12243, CVE-2024-12133, CVE-2024-8176. Vulnerability Details CVEID:CVE-2024-12243 DESCRIPTION: A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an...

CLSA-2025-1751552765 Update of gnutls

Bump nettle dependency to 3.10.1 RHEL-52740...

AlmaLinux 9 : gnutls (ALSA-2025:7076)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7076 advisory. gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 Tenable has extracted the preceding description block directly...

Security Bulletin: IBM Security Guardium is affected by Multiple vulnerabilities in gnutls (CVE-2017-5337 CVE-2017-5336)

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-5337 DESCRIPTION: GnuTLS could allow a remote attacker to execute arbitrary code on the system, caused by a stack or heap-based buffer overflow error. By sending a specially-crafted...

TencentOS Server 3: gnutls (TSSA-2025:0318)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0318 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: gnutls (TSSA-2024:0035)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0035 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: gnutls (TSSA-2024:0055)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0055 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: gnutls (TSSA-2023:0041)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0041 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 4: gnutls (TSSA-2025:0186)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0186 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: gnutls (TSSA-2024:0582)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0582 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: gnutls (TSSA-2024:0783)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0783 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: gnutls (TSSA-2024:0114)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0114 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Amazon Linux 2 : gnutls (ALAS-2025-2885)

The version of gnutls installed on the remote host is prior to 3.3.29-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2885 advisory. A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decodi...

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send...

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-1633)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...