Vulnerabilities > GNU > Gnutls > 1.7.19
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in GNU Gnutls A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. | 7.5 |
2024-01-16 | CVE-2024-0553 | Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found in GnuTLS. | 7.5 |
2022-08-24 | CVE-2021-4209 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in GnuTLS. | 6.5 |
2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products A vulnerability found in gnutls. | 7.5 |
2020-09-04 | CVE-2020-24659 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GnuTLS before 3.6.15. | 7.5 |
2020-01-27 | CVE-2015-0294 | Improper Certificate Validation vulnerability in multiple products GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. | 5.0 |
2018-12-03 | CVE-2018-16868 | Information Exposure Through Discrepancy vulnerability in GNU Gnutls A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. | 5.6 |
2018-08-22 | CVE-2018-10846 | Covert Timing Channel vulnerability in multiple products A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. | 5.6 |
2018-08-22 | CVE-2018-10845 | Covert Timing Channel vulnerability in multiple products It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. | 5.9 |
2018-08-22 | CVE-2018-10844 | Covert Timing Channel vulnerability in multiple products It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. | 5.9 |