Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Gnutls
Total 60 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20231 4 Fedoraproject, Gnu, Netapp and 1 more 5 Fedora, Gnutls, Active Iq Unified Manager and 2 more 2021-06-01 7.5 HIGH 9.8 CRITICAL
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
CVE-2021-20232 3 Fedoraproject, Gnu, Redhat 3 Fedora, Gnutls, Enterprise Linux 2021-05-17 7.5 HIGH 9.8 CRITICAL
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
CVE-2009-3555 7 Apache, Canonical, Debian and 4 more 7 Http Server, Ubuntu Linux, Debian Linux and 4 more 2021-02-05 5.8 MEDIUM N/A
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
CVE-2018-16868 1 Gnu 1 Gnutls 2020-12-04 3.3 LOW 5.6 MEDIUM
A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
CVE-2014-3467 5 Debian, F5, Gnu and 2 more 16 Debian Linux, Arx, Arx Firmware and 13 more 2020-11-16 5.0 MEDIUM N/A
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
CVE-2014-3468 5 Debian, F5, Gnu and 2 more 16 Debian Linux, Arx, Arx Firmware and 13 more 2020-11-16 7.5 HIGH N/A
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
CVE-2014-3469 4 Debian, Gnu, Redhat and 1 more 14 Debian Linux, Gnutls, Libtasn1 and 11 more 2020-11-16 5.0 MEDIUM N/A
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
CVE-2020-24659 2 Fedoraproject, Gnu 2 Fedora, Gnutls 2020-10-26 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.
CVE-2018-10846 5 Canonical, Debian, Fedoraproject and 2 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2020-10-22 1.9 LOW 5.6 MEDIUM
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.
CVE-2018-10845 5 Canonical, Debian, Fedoraproject and 2 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2020-10-22 4.3 MEDIUM 5.9 MEDIUM
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.
CVE-2018-10844 5 Canonical, Debian, Fedoraproject and 2 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2020-10-22 4.3 MEDIUM 5.9 MEDIUM
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.
CVE-2020-11501 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2020-09-09 5.8 MEDIUM 7.4 HIGH
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.
CVE-2020-13777 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2020-06-19 5.8 MEDIUM 7.4 HIGH
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
CVE-2016-4456 1 Gnu 1 Gnutls 2020-06-16 5.0 MEDIUM 7.5 HIGH
The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.
CVE-2015-0294 3 Debian, Gnu, Redhat 3 Debian Linux, Gnutls, Enterprise Linux 2020-01-31 5.0 MEDIUM 7.5 HIGH
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
CVE-2015-8313 2 Debian, Gnu 2 Debian Linux, Gnutls 2020-01-09 4.3 MEDIUM 5.9 MEDIUM
GnuTLS incorrectly validates the first byte of padding in CBC modes
CVE-2019-3829 2 Fedoraproject, Gnu 2 Fedora, Gnutls 2019-05-30 5.0 MEDIUM 7.5 HIGH
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
CVE-2019-3836 3 Fedoraproject, Gnu, Opensuse 3 Fedora, Gnutls, Leap 2019-05-30 5.0 MEDIUM 7.5 HIGH
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
CVE-2014-8155 1 Gnu 1 Gnutls 2019-04-08 4.3 MEDIUM N/A
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid.
CVE-2017-5337 2 Gnu, Opensuse 2 Gnutls, Leap 2018-10-30 7.5 HIGH 9.8 CRITICAL
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.