VYPR

rpm package

opensuse/gnutls&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweed

Vulnerabilities (44)

  • CVE-2023-5981 | Nov 28, 2023
    affected < 3.8.2-1.1 | fixed 3.8.2-1.1

    A vulnerability was found in which the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding.

  • CVE-2023-0361 | Feb 15, 2023
    affected < 3.7.9-1.2 | fixed 3.7.9-1.2

    A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attac

  • CVE-2022-2509 | Aug 1, 2022
    affected < 3.7.7-1.1 | fixed 3.7.7-1.1

    A vulnerability was found in gnutls. This security flaw happens because a double free error occurs during verification of pkcs7 signatures in the gnutls_pkcs7_verify function.

  • CVE-2021-20232 | Mar 12, 2021
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.

  • CVE-2020-13777 | Jun 4, 2020
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first

  • CVE-2019-3836 | Apr 1, 2019
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

  • CVE-2019-3829 | Mar 27, 2019
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7: a memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

  • CVE-2018-10846 | Aug 22, 2018
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    A cache-based side channel was found in the GnuTLS implementation that leads to plaintext recovery in a cross-VM attack setting. An attacker could combine a "Just in Time" Prime+probe attack with a Lucky-13 attack to recover plaintext using crafted packets.

  • CVE-2016-8610 | High | Nov 13, 2017
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun

  • CVE-2017-7869 | High | Apr 14, 2017
    affected < 3.7.2-1.2 | fixed 3.7.2-1.2

    GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.

  • CVE-2015-6251 | Aug 24, 2015
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.

  • CVE-2014-8564 | Nov 13, 2014
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) ce

  • CVE-2014-3466 | Jun 3, 2014
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a Se

  • CVE-2014-1959 | Mar 7, 2014
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.

  • CVE-2014-0092 | Mar 7, 2014
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

  • CVE-2012-1573 | Mar 26, 2012
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated

  • CVE-2012-1569 | Mar 26, 2012
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application

  • CVE-2012-0390 | Jan 6, 2012
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel a

  • CVE-2011-4128 | Dec 8, 2011
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via

  • CVE-2008-4989 | Medium | Nov 13, 2008
    affected < 3.4.15-1.1 | fixed 3.4.15-1.1

    The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate