| Max CVSS | 5.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-10846 | 1.9 |
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain
|
13-02-2023 - 04:50 | 22-08-2018 - 13:29 | |
| CVE-2018-10844 | 4.3 |
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data
|
13-02-2023 - 04:50 | 22-08-2018 - 13:29 | |
| CVE-2018-10845 | 4.3 |
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing dat
|
13-02-2023 - 04:50 | 22-08-2018 - 13:29 | |
| CVE-2019-3829 | 5.0 |
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is
|
30-05-2019 - 16:29 | 27-03-2019 - 18:29 | |
| CVE-2019-3836 | 5.0 |
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
|
30-05-2019 - 16:29 | 01-04-2019 - 15:29 |