from 0, < 3.7.1-5+deb11u10
from 0, < 3.7.1-1
from 0, < 3.7.1-1
CRITICAL9.8Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers t…
from 0, < 3.5.8-1
CRITICAL9.8Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows…
from 0, < 3.5.8-1
CRITICAL9.8Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attacke…
from 0, < 3.5.8-1
CRITICAL9.1A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow du…
from 0, < 3.7.1-5+deb11u10
HIGH8.2A flaw was found in libgnutls.
from 0, < 3.7.1-5+deb11u10
HIGH8.2A flaw was found in gnutls.
from 0, < 3.7.1-5+deb11u10
HIGH8.2A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility.
from 0, < 3.7.1-5+deb11u8
HIGH8.2gnutls28 - security update
from 0, < 3.7.1-5+deb11u8
HIGH8.2gnutls28 - security update
from 0, < 3.7.1-5+deb11u8
HIGH8.2gnutls28 - security update
from 0, < 3.7.9-2+deb12u5
HIGH7.5A flaw was found in gnutls.
from 0, < 3.7.1-5+deb11u10
HIGH7.5A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS.
from 0, < 3.7.1-5+deb11u10
HIGH7.5A flaw was found in gnutls.
from 0, < 3.8.12-1
HIGH7.5A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
from 0, < 3.7.1-5+deb11u5
HIGH7.5gnutls28 - security update
from 0, < 3.6.7-4+deb10u12
HIGH7.5gnutls28 - security update
from 0, < 3.7.1-5+deb11u5
HIGH7.5gnutls28 - security update
from 0, < 3.7.1-5+deb11u2
HIGH7.5gnutls28 - security update
from 0, < 3.7.1-5+deb11u2
HIGH7.5An issue was discovered in GnuTLS before 3.6.15.
from 0, < 3.6.15-1
HIGH7.5GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
from 0, < 3.3.8-6
HIGH7.5It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later w…
from 0, < 3.6.7-2
HIGH7.5A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7.
from 0, < 3.6.7-2
HIGH7.5The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the files…
from 0, < 3.4.13-1
HIGH7.5gnutls28 - security update
from 0, < 3.5.8-5+deb9u1
HIGH7.5gnutls28 - security update
from 0, < 3.5.8-6
HIGH7.5GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_rea…
from 0, < 3.5.8-4
HIGH7.5The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a…
from 0, < 3.5.8-1
HIGH7.5The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length…
from 0, < 3.5.3-4
HIGH7.4A flaw was found in gnutls.
from 0, < 3.7.1-5+deb11u10
HIGH7.4A flaw was found in gnutls.
from 0, < 3.7.1-5+deb11u10
HIGH7.4gnutls28 - security update
from 0, < 3.6.7-4+deb10u10
HIGH7.4gnutls28 - security update
from 0, < 3.7.1-5+deb11u3
HIGH7.4gnutls28 - security update
from 0, < 3.7.1-5+deb11u3
HIGH7.4gnutls28 - security update
from 0, < 3.6.14-1
HIGH7.4gnutls28 - security update
from 0, < 3.6.7-4+deb10u4
HIGH7.4gnutls28 - security update
from 0, < 3.6.7-4+deb10u3
HIGH7.4gnutls28 - security update
from 0, < 3.6.13-2
HIGH7.1A flaw was found in gnutls.
from 0, < 3.7.1-5+deb11u10
MEDIUM6.5A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().
from 0, < 3.7.1-5+deb11u8
MEDIUM6.5gnutls28 - security update
from 0, < 3.7.1-5+deb11u1
MEDIUM6.5gnutls28 - security update
from 0, < 3.6.7-4+deb10u9
MEDIUM5.9gnutls28 - security update
from 0, < 3.6.7-4+deb10u11
MEDIUM5.9gnutls28 - security update
from 0, < 3.7.1-5+deb11u4
MEDIUM5.9It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack.
from 0, < 3.5.19-1
MEDIUM5.9gnutls28 - security update
from 0, < 3.3.30-0+deb8u1
MEDIUM5.9gnutls28 - security update
from 0, < 3.5.19-1
MEDIUM5.9icedove - security update
from 0, < 3.3.15-1
MEDIUM5.6A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.…
from 0, < 3.6.5-2
MEDIUM5.6A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found.
from 0, < 3.5.19-1
MEDIUM5.3A flaw was found in gnutls.
from 0, < 3.7.1-5+deb11u10
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.1-5+deb11u9
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.1-5+deb11u9
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.9-2+deb12u6
MEDIUM5.3A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (…
from 0, < 3.7.9-2+deb12u5
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.9-2+deb12u4
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.1-5+deb11u7
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.1-5+deb11u7
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.1-5+deb11u6
MEDIUM5.3gnutls28 - security update
from 0, < 3.7.1-5+deb11u6
MEDIUM5.0A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle us…
from 0, < 3.7.1-5+deb11u6
MEDIUM4.0A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization.
from 0, < 3.7.1-5+deb11u9
LOW3.7A flaw was found in gnutls.
from 0, < 3.8.9-3+deb13u4
LOW3.7A flaw was found in gnutls.
from 0, < 3.7.9-2+deb12u7
LOW3.4lighttpd - security update
from 0, < 3.3.8-5
—(no summary)
from 0, < 3.7.1-5+deb11u10
—Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly h…
from 0, < 3.3.8-7
—gnutls28 - security update
from 0, < 3.3.17-1
—gnutls28 - security update
from 0, < 3.3.8-6+deb8u2
—The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows…
from 0, < 3.3.8-4
—The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to ca…
from 0, < 3.2.10-1
—gnutls26 - security update
from 0, < 3.2.15-1
—gnutls26 - certificate verification flaw
from 0, < 3.2.11-1
—gnutls26 - incorrect certificate verification
from 0, < 3.2.11-2
—The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel…
from 0, < 3.0.22-3
—polarssl - several
from 0, < 3.0.22-3
—gnutls26 - missing bounds check
from 0, < 3.0.17-2
—Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or…
from 0, < 3.0.14-1
—The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between…
from 0, < 3.0.11-1
—curl - several
from 0