Total
69 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20232 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gnutls, Enterprise Linux | 2025-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. | |||||
| CVE-2022-2509 | 4 Debian, Fedoraproject, Gnu and 1 more | 4 Debian Linux, Fedora, Gnutls and 1 more | 2025-12-02 | N/A | 7.5 HIGH |
| A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function. | |||||
| CVE-2025-32990 | 2 Gnu, Redhat | 3 Gnutls, Enterprise Linux, Openshift Container Platform | 2025-12-01 | N/A | 6.5 MEDIUM |
| A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. | |||||
| CVE-2025-32989 | 2 Gnu, Redhat | 3 Gnutls, Enterprise Linux, Openshift Container Platform | 2025-12-01 | N/A | 5.3 MEDIUM |
| A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. | |||||
| CVE-2025-32988 | 2 Gnu, Redhat | 3 Gnutls, Enterprise Linux, Openshift Container Platform | 2025-12-01 | N/A | 6.5 MEDIUM |
| A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior. | |||||
| CVE-2023-5981 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gnutls, Linux | 2025-11-04 | N/A | 5.9 MEDIUM |
| A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | |||||
| CVE-2017-7869 | 1 Gnu | 1 Gnutls | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | |||||
| CVE-2016-4456 | 1 Gnu | 1 Gnutls | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. | |||||
| CVE-2017-5337 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. | |||||
| CVE-2017-5335 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | |||||
| CVE-2017-5336 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. | |||||
| CVE-2017-5334 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. | |||||
| CVE-2017-7507 | 1 Gnu | 1 Gnutls | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. | |||||
| CVE-2014-3466 | 1 Gnu | 1 Gnutls | 2025-04-12 | 6.8 MEDIUM | N/A |
| Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. | |||||
| CVE-2016-7444 | 1 Gnu | 1 Gnutls | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. | |||||
| CVE-2014-3468 | 5 Debian, F5, Gnu and 2 more | 16 Debian Linux, Arx, Arx Firmware and 13 more | 2025-04-12 | 7.5 HIGH | N/A |
| The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. | |||||
| CVE-2014-3465 | 1 Gnu | 1 Gnutls | 2025-04-12 | 5.0 MEDIUM | N/A |
| The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. | |||||
| CVE-2015-6251 | 2 Debian, Gnu | 2 Debian Linux, Gnutls | 2025-04-12 | 5.0 MEDIUM | N/A |
| Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. | |||||
| CVE-2014-8564 | 4 Canonical, Gnu, Opensuse and 1 more | 7 Ubuntu Linux, Gnutls, Opensuse and 4 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs. | |||||
| CVE-2015-0282 | 1 Gnu | 1 Gnutls | 2025-04-12 | 5.0 MEDIUM | N/A |
| GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | |||||