Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-016642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016642 advisory. Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. Tenable has...

CVE-2026-33308 mod_gnutls missing key purpose check in client certificate verification

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

EUVD-2020-6311

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-55581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of...

Linux Distros Unpatched Vulnerability : CVE-2020-14154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

EulerOS 2.0 SP5 : mutt (EulerOS-SA-2020-2258)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.CVE-2020-14093 - Mutt before 1.14.4 and NeoMutt befo...

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

GnuTLS Certificate Validation Security Bypass Vulnerability

GnuTLS is a library of functions for implementing the TLS encryption protocol. A de-security vulnerability exists in GnuTLS certificate validation, which allows an attacker to exploit this vulnerability to bypass certain security restrictions and conduct man-in-the-middle attacks...

[SECURITY] [DSA 2866-1] gnutls26 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2866-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 22, 2014 http://www.debian.org/security/faq -...

CURL-CVE-2007-3564 GnuTLS insufficient cert verification

libcurl when built to use GnuTLS fails to verify that a peer's certificate has not already expired or has not yet become valid. This allows malicious servers to present certificates to libcurl that were not rejected properly. Notably, the CA certificate and common name checks are still in place...