Gnutls@3.1.6 Security Vulnerabilities and Issues — Gnutls@3.1.6 CVE List

Lucene search

GnuGnutls3.1.6

8 matches found

cve•added 2014/03/07 12:10 a.m.•144 views

CVE-2014-0092

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

5.8CVSS7.1AI score0.03379EPSS

cve•added 2013/11/20 2:12 p.m.•143 views

CVE-2013-4466

Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries.

5CVSS6.5AI score0.00365EPSS

cve•added 2014/06/03 2:55 p.m.•120 views

CVE-2014-3466

Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

6.8CVSS7.4AI score0.23263EPSS

cve•added 2013/02/08 7:55 p.m.•107 views

CVE-2013-1619

The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks a...

4CVSS6.8AI score0.01291EPSS

cve•added 2014/03/07 12:10 a.m.•73 views

CVE-2014-1959

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.

5.8CVSS6.3AI score0.0023EPSS

cve•added 2014/11/13 9:32 p.m.•66 views

CVE-2014-8564

The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing r...

5CVSS6.3AI score0.00812EPSS

cve•added 2014/06/10 2:55 p.m.•60 views

CVE-2014-3465

The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN.

5CVSS6.3AI score0.00736EPSS

cve•added 2013/11/20 2:12 p.m.•58 views

CVE-2013-4487

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-...

5CVSS6.4AI score0.00365EPSS