Amazon Linux 2 : gnutls, --advisory ALAS2-2026-3324 (ALAS-2026-3324)

The version of gnutls installed on the remote host is prior to 3.3.29-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3324 advisory. A remotely triggerable underflow in the DTLS reassembly code led to a heap overrun. The issue was reported in the issue...

CVE-2026-33307

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

MiracleLinux 8 : gnutls-3.6.14-7.0.1.el8 (AXSA:2021-1156:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1156:01 advisory. gnutls: Heap buffer overflow in handshake with norenegotiation alert sent CVE-2020-24659 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : gnutls-3.3.26-9.el7 (AXSA:2017-2203:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2203:01 advisory. GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language...

Siemens SIMATIC S7-1500 Use of Insufficiently Random Values (CVE-2020-11501)

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4

CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4. A patched version of the package is available...

CVE-2025-32988 affecting package gnutls for versions less than 3.8.3-5

CVE-2025-32988 affecting package gnutls for versions less than 3.8.3-5. A patched version of the package is available...

CVE-2025-32990 affecting package gnutls for versions less than 3.8.3-5

CVE-2025-32990 affecting package gnutls for versions less than 3.8.3-5. A patched version of the package is available...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

Multiple vulnerabilities exist in the gnutls package up to version 2.12.23-r1 of the Gentoo Linux operating system. Exploitation of these vulnerabilities may lead to the compromise of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the integrity of protected information.

The vulnerability of the gnutls package up to version 1.4.4 of the Gentoo Linux operating system can lead to the compromise of protected information. This vulnerability can be exploited remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gnutls-c++-3.1.18 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gnutls-2.8.5 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...