ByteOS Network

GnuTLS

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2021-4209

Assigner-Red Hat, Inc.

View Details

Assigner-Red Hat, Inc.

CVSS Score-6.5||MEDIUM

EPSS-0.37% / 58.94%

7 Day CHG~0.00%

Published-24 Aug, 2022 | 15:07

Updated-03 Aug, 2024 | 17:16

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

Vendor-n/a Red Hat, Inc.NetApp, Inc.GNU

Product-solidfire_\&_hci_management_node enterprise_linux active_iq_unified_manager hci_bootstrap_os gnutls hci_compute_node GnuTLS

CWE ID-CWE-476

NULL Pointer Dereference

CVE-2022-2509

Assigner-Red Hat, Inc.

View Details

Assigner-Red Hat, Inc.

CVSS Score-7.5||HIGH

EPSS-0.63% / 70.67%

7 Day CHG~0.00%

Published-01 Aug, 2022 | 14:01

Updated-02 Dec, 2025 | 21:15

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.

Vendor-n/a GNU Fedora Project Red Hat, Inc.Debian GNU/Linux

Product-debian_linux gnutls enterprise_linux fedora GnuTLS

CWE ID-CWE-415

Double Free

CVE-2015-0294

Assigner-Red Hat, Inc.

View Details

Assigner-Red Hat, Inc.

CVSS Score-7.5||HIGH

EPSS-0.43% / 62.65%

7 Day CHG~0.00%

Published-27 Jan, 2020 | 15:12

Updated-06 Aug, 2024 | 04:03

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

Vendor-GnuTLS Red Hat, Inc.Debian GNU/Linux GNU

Product-debian_linux gnutls enterprise_linux GnuTLS

CWE ID-CWE-295

Improper Certificate Validation