Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gnu Subscribe
Filtered by product Gnutls
Total 63 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0390 1 Gnu 1 Gnutls 2014-03-25 4.3 MEDIUM N/A
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108.
CVE-2013-4466 1 Gnu 1 Gnutls 2013-11-21 5.0 MEDIUM N/A
Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries.
CVE-2009-1416 1 Gnu 1 Gnutls 2009-06-09 7.5 HIGH N/A
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key.