3.4.12

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-14	CVE-2017-7869	Out-of-bounds Write vulnerability in GNU Gnutls GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. network low complexity gnu CWE-787	7.5
2016-09-27	CVE-2016-7444	Permissions, Privileges, and Access Controls vulnerability in GNU Gnutls The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. network low complexity gnu CWE-264	7.5