| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-28835 | vulnerable | vulnerable | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A flaw has been discovered in GnuTLS where an application crash can be ... |
| CVE-2024-28834 | vulnerable | vulnerable | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A flaw was found in GnuTLS. The Minerva attack is a cryptographic vuln ... |
| CVE-2024-0567 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTL ... |
| CVE-2024-0553 | fixed | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A vulnerability was found in GnuTLS. The response times to malformed c ... |
| CVE-2023-5981 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | A vulnerability was found that the response times to malformed ciphert ... |
| CVE-2021-4209 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | fixed | A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash ... |
| CVE-2018-16868 | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A Bleichenbacher type side-channel based padding oracle attack was fou ... |
| Bug | Description |
|---|
| CVE-2023-0361 | A timing side-channel in the handling of RSA ClientKeyExchange message ... |
| CVE-2022-2509 | A vulnerability found in gnutls. This security flaw happens because of ... |
| CVE-2021-20232 | A flaw was found in gnutls. A use after free issue in client_send_para ... |
| CVE-2021-20231 | A flaw was found in gnutls. A use after free issue in client sending k ... |
| CVE-2020-24659 | An issue was discovered in GnuTLS before 3.6.15. A server can trigger ... |
| CVE-2020-13777 | GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting ... |
| CVE-2020-11501 | GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The e ... |
| CVE-2019-3836 | It was discovered in gnutls before version 3.6.7 upstream that there i ... |
| CVE-2019-3829 | A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. ... |
| CVE-2018-10846 | A cache-based side channel in GnuTLS implementation that leads to plai ... |
| CVE-2018-10845 | It was found that the GnuTLS implementation of HMAC-SHA-384 was vulner ... |
| CVE-2018-10844 | It was found that the GnuTLS implementation of HMAC-SHA-256 was vulner ... |
| CVE-2017-7869 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integ ... |
| CVE-2017-7507 | GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dere ... |
| CVE-2017-5337 | Multiple heap-based buffer overflows in the read_attribute function in ... |
| CVE-2017-5336 | Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/op ... |
| CVE-2017-5335 | The stream reading functions in lib/opencdk/read-packet.c in GnuTLS be ... |
| CVE-2017-5334 | Double free vulnerability in the gnutls_x509_ext_import_proxy function ... |
| CVE-2016-7444 | The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS b ... |
| CVE-2016-4456 | The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows r ... |
| CVE-2015-8313 | GnuTLS incorrectly validates the first byte of padding in CBC modes |
| CVE-2015-7575 | Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozi ... |
| CVE-2015-6251 | Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4 ... |
| CVE-2015-3308 | Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3. ... |
| CVE-2015-0294 | GnuTLS before 3.3.13 does not validate that the signature algorithms m ... |
| CVE-2015-0282 | GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature alg ... |
| CVE-2014-8564 | The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3. ... |
| CVE-2014-8155 | GnuTLS before 2.9.10 does not verify the activation and expiration dat ... |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... |
| CVE-2014-3466 | Buffer overflow in the read_server_hello function in lib/gnutls_handsh ... |
| CVE-2014-3465 | The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3. ... |
| CVE-2014-1959 | lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 trea ... |
| CVE-2014-0092 | lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ... |
| CVE-2013-4487 | Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ... |
| CVE-2013-4466 | Buffer overflow in the dane_query_tlsa function in the DANE library (l ... |
| CVE-2013-1619 | The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, ... |
| CVE-2013-0169 | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ... |
| CVE-2012-1663 | Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows ... |
| CVE-2012-1573 | gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3 ... |
| CVE-2012-0390 | The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ... |
| CVE-2009-5138 | GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ... |