CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4456
https://notcve.org/view.php?id=CVE-2016-4456
08 Aug 2017 — The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. La variable de entorno "GNUTLS_KEYLOGFILE" en gnutls 3.4.12 permite que atacantes remotos sobrescriban y corrompan archivos arbitrarios en el sistema de archivos. • http://www.openwall.com/lists/oss-security/2016/06/07/6 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7507 – gnutls: Crash upon receiving well-formed status_request extension
https://notcve.org/view.php?id=CVE-2017-7507
14 Jun 2017 — GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. GnuTLS versión 3.5.12 y anteriores, es vulnerable a una desreferencia del puntero NULL durante la descodificación de una extensión TLS de respuesta de estado con contenido válido. Esto podría conllevar a un bloqueo de la aplicación del servidor GnuTLS. A null pointer dereference flaw was found in the way... • http://www.debian.org/security/2017/dsa-3884 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0CVE-2017-7869 – gnutls: Out-of-bounds write related to the cdk_pkt_read function (GNUTLS-SA-2017-3)
https://notcve.org/view.php?id=CVE-2017-7869
14 Apr 2017 — GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. GnuTLS en versiones anteriores a 20-02-2017 tiene una escritura fuera de límites provocado por un desbordamiento de entero y desbordamiento de búfer basado en memoria dinámica en relación con la función cdk_pkt_read en opencdk/read-packet.c. Est... • http://www.securityfocus.com/bid/97040 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 5%CPEs: 11EXPL: 0CVE-2017-5334 – gnutls: Double-free while decoding crafted X.509 certificates
https://notcve.org/view.php?id=CVE-2017-5334
13 Jan 2017 — Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. La vulnerabilidad de liberación doble en la función gnutls_x509_ext_import_proxy de GnuTLS en versiones anteriores a 3.3.26 y 3.5.x en versiones anteriores a 3.5.8 permite a los atacantes remotos tener un impacto no especificado a ... • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 0CVE-2017-5335 – gnutls: Out of memory while parsing crafted OpenPGP certificate
https://notcve.org/view.php?id=CVE-2017-5335
13 Jan 2017 — The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. Las funciones de lectura de flujo en lib/opencdk/read-packet.c en GnuTLS en versiones anteriores a 3.3.26 y 3.5.x en versiones anteriores a 3.5.8 permiten a atacantes remotos provocar una denegación de servicio (fallo de memoria y error) Certificado OpenPGP. Stefan Buehler discovered tha... • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0CVE-2017-5336 – gnutls: Stack overflow in cdk_pk_get_keyid
https://notcve.org/view.php?id=CVE-2017-5336
13 Jan 2017 — Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. El desbordamiento de búfer basado en la pila en la función cdk_pk_get_keyid en lib/opencdk/pubkey.c en GnuTLS en versiones anteriores a 3.3.26 y 3.5.x en versiones anteriores a 3.5.8 permite a atacantes remotos tener un impacto no especificado a través de un certificado OpenPGP manipulado. Ste... • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0CVE-2017-5337 – gnutls: Heap read overflow in read-packet.c
https://notcve.org/view.php?id=CVE-2017-5337
13 Jan 2017 — Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. Múltiples desbordamientos de búfer basados en memoria dinámica en la función read_attribute en GnuTLS en versiones anteriores a 3.3.26 y 3.5.x en versiones anteriores a 3.5.8 permiten a los atacantes remotos tener un impacto no especificado a través de un certificado OpenPGP manipulado. Stefan Buehler discovere... • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-7444 – gnutls: Incorrect certificate validation when using OCSP responses (GNUTLS-SA-2016-3)
https://notcve.org/view.php?id=CVE-2016-7444
27 Sep 2016 — The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. La función gnutls_ocsp_resp_check_crt en lib/x509/ocsp.c en GnuTLS en versiones anteriores a 3.4.15 y 3.5.x en versiones anteriores a 3.5.4 no verifica la longitud de serie de una respuesta OCSP, lo qu... • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html • CWE-264: Permissions, Privileges, and Access Controls CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 1%CPEs: 5EXPL: 0CVE-2015-8313 – Debian Security Advisory 3408-1
https://notcve.org/view.php?id=CVE-2015-8313
01 Dec 2015 — GnuTLS incorrectly validates the first byte of padding in CBC modes GnuTLS comprueba incorrectamente el primer byte de relleno en los modos CBC It was discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. • http://www.debian.org/security/2015/dsa-3408 • CWE-203: Observable Discrepancy •
CVSS: 7.5EPSS: 6%CPEs: 23EXPL: 0CVE-2015-6251 – Ubuntu Security Notice USN-2727-1
https://notcve.org/view.php?id=CVE-2015-6251
24 Aug 2015 — Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. Vulnerabilidad de liberación doble en GnuTLS en versiones anteriores a la 3.3.17 y 3.4.x versiones anteriores a 3.4.4, permite a atacantes remotos causar una denegación de servicio a través de una entrada DistinguishedName (DN) de gran longitud en un certificado. It was discovered that GnuTLS incorrectly handled parsing CRL di... • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165286.html •