VYPR
Critical severity9.8NVD Advisory· Published Mar 24, 2017· Updated Jun 17, 2026

CVE-2017-5334

CVE-2017-5334

Description

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • GNU/Gnutls9 versions
    cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*range: <=3.3.25
    • cpe:2.3:a:gnu:gnutls:3.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnutls:3.5.7:*:*:*:*:*:*:*
  • OpenSUSE/Leap2 versions
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
  • Range: <3.3.26, <3.5.8

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.