Lucene search
+L

5 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.6 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/27 12:47 a.m.10 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the rsa key exchange process when handling an extremely short premaster secret sent to a server using an RSA key backed by a PKCS11 token. An attacker can access sensitive informatio...

8.8CVSS5.8AI score0.00727EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/26 9:29 p.m.18 views

CVE-2026-5260

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/26 9:29 p.m.14 views

CVE-2026-5260 Gnutls: gnutls: information disclosure via heap overread in rsa key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2026/05/02 10:26 p.m.3 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS6.1AI score0.00727EPSS
Exploits0References5
Rows per page
Query Builder