Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gnutls (UTSA-2025-991094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991094 advisory. A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN...

8.2CVSS6.2AI score0.01185EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.1 views

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2025-2326)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject...

8.2CVSS6.3AI score0.01185EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/10/07 7:40 a.m.4 views

gnutls: Vulnerability in GnuTLS otherName SAN export

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/10/06 2:41 a.m.9 views

gnutls: Vulnerability in GnuTLS otherName SAN export

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References5
OSV
OSV
added 2025/09/26 7:39 p.m.5 views

CLSA-2025-1758915545 Fix CVE(s): CVE-2025-32988, CVE-2025-32990

SECURITY UPDATE: double-free when exporting SAN otherName - debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries. - CVE-2025-32988 SECURITY UPDATE: 1-byte heap write in certtool template parsing -...

8.2CVSS6.9AI score0.01185EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/09/17 5:13 p.m.5 views

gnutls: Vulnerability in GnuTLS otherName SAN export

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References5
OSV
OSV
added 2025/09/09 1:45 p.m.12 views

USN-7742-1 gnutls28 vulnerabilities

It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LT...

8.2CVSS7.4AI score0.01185EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2025/09/09 1:45 p.m.6 views

USN-7742-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LT...

8.2CVSS7.2AI score0.01185EPSS
Exploits0
OSV
OSV
added 2025/07/10 8:15 a.m.1 views

DEBIAN-CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.4 views

ALPINE-CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS6.4AI score0.01185EPSS
Exploits0References1
Rows per page
Query Builder