Gnutls@3.6.3 Security Vulnerabilities and Issues — Gnutls@3.6.3 CVE List

Lucene search

GnuGnutls3.6.3

4 matches found

CVE•added 2021/03/12 7:15 p.m.•287 views

CVE-2021-20231

A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.

9.8CVSS9.5AI score0.00917EPSS

CVE•added 2021/03/12 7:15 p.m.•278 views

CVE-2021-20232

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.

9.8CVSS9.5AI score0.00844EPSS

CVE•added 2020/04/03 1:15 p.m.•223 views

CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

7.4CVSS7.2AI score0.10372EPSS

CVE•added 2019/04/01 3:29 p.m.•191 views

CVE-2019-3836

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

7.5CVSS6.2AI score0.00369EPSS