Azure Linux 3.0 Security Update: gnutls (CVE-2024-28835)

The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28835 advisory. - A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a...

Siemens SIMATIC S7-1500 Uncaught Exception (CVE-2024-28835)

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the certtool --verify-chain command. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Linux Distros Unpatched Vulnerability : CVE-2024-28835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the certtool...

ROS-20250813-06

A vulnerability in a software wrapper that allows arbitrary traffic to be hidden in an encrypted ssl tunnel Stunnel is related to incorrect client certificate validation when using the parameters redirection and VerifyChain parameters. Exploitation of the vulnerability could allow an attacker...

Astra Linux - уязвимость в gnutls28

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

OESA-2024-2264 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2024-2192)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2167)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-2213)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the...

USN-6901-1 stunnel4 vulnerability

It was discovered that stunnel did not properly validate client certificates when configured to use both the redirect and verifyChain options. A remote attacker could potentially use this issue to obtain sensitive information by accessing the tunneled service...

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1813)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leadi...

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1834)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leadi...

gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeab...

gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2024-591)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-591 advisory. A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios...

OESA-2024-1506 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

OESA-2024-1507 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

OESA-2024-1508 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...