Search CVE reports
11 – 14 of 14 results
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows...
3 affected packages
gnutls12, gnutls13, gnutls26
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gnutls12 | — | — | — | — |
| gnutls13 | — | — | — | — |
| gnutls26 | — | — | — | — |
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension...
3 affected packages
gnutls12, gnutls13, gnutls26
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gnutls12 | — | — | — | — |
| gnutls13 | — | — | — | — |
| gnutls26 | — | — | — | — |
The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows remote attackers to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm that is not...
4 affected packages
gnutls11, gnutls12, gnutls13, gnutls26
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gnutls11 | — | — | — | — |
| gnutls12 | — | — | — | — |
| gnutls13 | — | — | — | — |
| gnutls26 | — | — | — | — |
verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5...
3 affected packages
gnutls11, gnutls12, gnutls13
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gnutls11 | — | — | — | — |
| gnutls12 | — | — | — | — |
| gnutls13 | — | — | — | — |