Max CVSS 7.5 Min CVSS 5.0 Total Count6
IDCVSSSummaryLast (major) updatePublished
CVE-2017-7507 5.0
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
16-06-2017 - 15:29 16-06-2017 - 15:29
CVE-2017-5336 7.5
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
27-03-2017 - 15:26 24-03-2017 - 11:59
CVE-2017-5335 5.0
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
27-03-2017 - 15:26 24-03-2017 - 11:59
CVE-2017-5334 7.5
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Cert
27-03-2017 - 15:24 24-03-2017 - 11:59
CVE-2017-5337 7.5
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
27-03-2017 - 15:19 24-03-2017 - 11:59
CVE-2016-7444 5.0
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism
24-03-2017 - 21:59 27-09-2016 - 11:59
Back to Top Mark selected
Back to Top