rpm package
suse/gnutls&distro=SUSE Linux Enterprise Desktop 12 SP1
pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-8610 | Hig | 7.5 | < 3.2.15-16.1 | 3.2.15-16.1 | Nov 13, 2017 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun | |
| CVE-2017-5337 | Cri | 9.8 | < 3.2.15-16.1 | 3.2.15-16.1 | Mar 24, 2017 | Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. | |
| CVE-2017-5336 | Cri | 9.8 | < 3.2.15-16.1 | 3.2.15-16.1 | Mar 24, 2017 | Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. | |
| CVE-2017-5335 | Hig | 7.5 | < 3.2.15-16.1 | 3.2.15-16.1 | Mar 24, 2017 | The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | |
| CVE-2016-7444 | Hig | 7.5 | < 3.2.15-16.1 | 3.2.15-16.1 | Sep 27, 2016 | The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailin |
- affected < 3.2.15-16.1fixed 3.2.15-16.1
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun
- affected < 3.2.15-16.1fixed 3.2.15-16.1
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
- affected < 3.2.15-16.1fixed 3.2.15-16.1
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
- affected < 3.2.15-16.1fixed 3.2.15-16.1
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
- affected < 3.2.15-16.1fixed 3.2.15-16.1
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailin