Gnu Gnutls vulnerabilities
66 known vulnerabilities affecting gnu/gnutls.
Total CVEs: 66
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 7, HIGH 24, MEDIUM 35
Vulnerabilities
Page 4 of 4
CVE-2008-1949 | CRITICAL | CVSS 9.3 | CWE-287 | v1.0.18, v1.0.19 +103 more | 2008-05-21
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client He
nvd
CVE-2008-1948 | CRITICAL | CVSS 10.0 | CWE-189 | v1.0.18, v1.0.19 +103 more | 2008-05-21
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero v
nvd
CVE-2008-1950 | MEDIUM | CVSS 5.0 | CWE-189 | v1.0.18, v1.0.19 +103 more | 2008-05-21
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which
nvd
CVE-2006-4790 | MEDIUM | CVSS 5.0 | CWE-310 | v1.0.17, v1.0.18 +38 more | 2006-09-14
verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PK
nvd
CVE-2005-1431 | MEDIUM | CVSS 5.0 | v1.0.18, v1.0.19 +8 more | 2005-05-03
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
nvd
CVE-2004-2531 | HIGH | CVSS 7.8 | v1.0.16 | 2004-12-31
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
nvd