Lucene search
K
Mod Gnutls ProjectMod Gnutls

4 matches found

CVE
CVE
added 2023/02/23 9:45 p.m.65 views

CVE-2023-25824

CVE-2023-25824 affects the Mod_gnutls TLS module for Apache HTTPD (GnuTLS-based). Versions 0.9.0 through 0.12.0 do not properly fail blocking read operations on TLS connections when the transport times out, instead entering an endless loop that can consume CPU resources and, if trace logging is e...

7.5CVSS7.4AI score0.01091EPSS
CVE
CVE
added 2018/02/03 12:0 a.m.50 views

CVE-2009-5144

Summary: CVE-2009-5144 affects the Apache mod-gnutls module, which integrates GnuTLS with Apache HTTP Server. The vulnerability is that mod-gnutls does not validate client certificates when the directory context is configured with "GnuTLSClientVerify require", allowing a remote attacker to spoof ...

7.5CVSS7.3AI score0.0086EPSS
CVE
CVE
added 2026/03/24 1:36 a.m.18 views

CVE-2026-33308

CVE-2026-33308 affects mod_gnutls, a TLS module for Apache HTTPD based on GnuTLS. Prior to 0.13.0, the client-certificate verification code did not enforce the Extended Key Usage EKU key purpose; if an attacker possessed the private key of a valid certificate from a trusted CA but intended for a ...

6.8CVSS5.9AI score0.00205EPSS
CVE
CVE
added 2026/03/24 1:34 a.m.15 views

CVE-2026-33307

Mod_gnutls (Apache HTTPD TLS module) is affected by CVE-2026-33307 in versions prior to 0.12.3 and 0.13.0. The vulnerability arises from importing the client certificate chain into a fixed-size gnutls_x509_crt_t x509[] array without validating the number of certificates against the array length, ...

7.5CVSS6AI score0.00342EPSS