| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-5336 | 7.5 |
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
|
30-10-2018 - 16:27 | 24-03-2017 - 15:59 | |
| CVE-2017-5334 | 7.5 |
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Cert
|
30-10-2018 - 16:27 | 24-03-2017 - 15:59 | |
| CVE-2017-5337 | 7.5 |
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
|
30-10-2018 - 16:27 | 24-03-2017 - 15:59 | |
| CVE-2017-5335 | 5.0 |
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
|
30-10-2018 - 16:27 | 24-03-2017 - 15:59 | |
| CVE-2016-7444 | 5.0 |
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism
|
05-01-2018 - 02:31 | 27-09-2016 - 15:59 |