It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake...
7.5CVSS
7.4AI Score
0.013EPSS
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is...
7.5CVSS
7.3AI Score
0.009EPSS
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a...
7.5CVSS
7.3AI Score
0.004EPSS