Max CVSS | 5.8 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-0169 | 2.6 |
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding,
|
12-05-2023 - 12:58 | 08-02-2013 - 19:55 | |
CVE-2013-2116 | 5.0 |
The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-20
|
13-02-2023 - 00:28 | 03-07-2013 - 18:55 | |
CVE-2012-1573 | 5.0 |
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a c
|
18-01-2018 - 02:29 | 26-03-2012 - 19:55 | |
CVE-2012-1569 | 5.0 |
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap mem
|
18-01-2018 - 02:29 | 26-03-2012 - 19:55 | |
CVE-2014-0092 | 5.8 |
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
|
28-11-2016 - 19:10 | 07-03-2014 - 00:10 | |
CVE-2011-4108 | 4.3 |
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.
|
23-08-2016 - 02:04 | 06-01-2012 - 01:55 | |
CVE-2009-5138 | 5.8 |
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a t
|
01-04-2014 - 05:44 | 07-03-2014 - 00:10 | |
CVE-2013-1619 | 4.0 |
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows rem
|
26-03-2014 - 04:46 | 08-02-2013 - 19:55 | |
CVE-2012-0390 | 4.3 |
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plainte
|
26-03-2014 - 04:28 | 06-01-2012 - 01:55 |