Gnutls Security Vulnerabilities and Issues — Gnutls CVE List

Lucene search

GnuGnutls

6 matches found

CVE•added 2021/03/12 7:15 p.m.•281 views

CVE-2021-20231

A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.

9.8CVSS9.5AI score0.00917EPSS

CVE•added 2021/03/12 7:15 p.m.•271 views

CVE-2021-20232

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.

9.8CVSS9.5AI score0.00844EPSS

CVE•added 2017/03/24 3:59 p.m.•130 views

CVE-2017-5336

Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.

9.8CVSS8.7AI score0.03938EPSS

CVE•added 2017/03/24 3:59 p.m.•129 views

CVE-2017-5337

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.

9.8CVSS8.5AI score0.02809EPSS

CVE•added 2017/03/24 3:59 p.m.•107 views

CVE-2017-5334

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.

9.8CVSS8.5AI score0.05592EPSS

CVE•added 2008/05/21 1:24 p.m.•50 views

CVE-2008-1949

The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and cr...

9.3CVSS6.1AI score0.15166EPSS