Known Vulnerabilities for Gnutls by Gnu
Listed below are 10 of the newest known vulnerabilities associated with "Gnutls" by "Gnu".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20232 | A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corru... | 9.8 - CRITICAL | 2021-03-12 | 2023-11-07 |
| CVE-2021-20231 | A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and ot... | 9.8 - CRITICAL | 2021-03-12 | 2023-11-07 |
| CVE-2020-24659 | An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_... | 7.5 - HIGH | 2020-09-04 | 2023-11-07 |
| CVE-2020-13777 | GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2,... | 7.4 - HIGH | 2020-06-04 | 2023-11-07 |
| CVE-2020-11501 | GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because ... | 7.4 - HIGH | 2020-04-03 | 2023-11-07 |
| CVE-2019-3836 | It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.... | 7.5 - HIGH | 2019-04-01 | 2023-11-07 |
| CVE-2019-3829 | A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the ... | 7.5 - HIGH | 2019-03-27 | 2023-11-07 |
| CVE-2018-10846 | A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. A... | 5.6 - MEDIUM | 2018-08-22 | 2023-02-13 |
| CVE-2018-10845 | It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers... | 5.9 - MEDIUM | 2018-08-22 | 2023-02-13 |
| CVE-2018-10844 | It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers... | 5.9 - MEDIUM | 2018-08-22 | 2023-02-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnu | Gnutls | 3.6.9 | All | All | All |
| Application | Gnu | Gnutls | 3.6.8 | All | All | All |
| Application | Gnu | Gnutls | 3.6.7 | All | All | All |
| Application | Gnu | Gnutls | 3.6.6 | All | All | All |
| Application | Gnu | Gnutls | 3.6.5 | All | All | All |
| Application | Gnu | Gnutls | 3.6.4 | All | All | All |
| Application | Gnu | Gnutls | 3.6.3 | All | All | All |
| Application | Gnu | Gnutls | 3.6.2 | All | All | All |
| Application | Gnu | Gnutls | 3.6.15 | All | All | All |
| Application | Gnu | Gnutls | 3.6.14 | All | All | All |
| Application | Gnu | Gnutls | 3.6.13 | All | All | All |
| Application | Gnu | Gnutls | 3.6.12 | All | All | All |
| Application | Gnu | Gnutls | 3.6.11 | All | All | All |
| Application | Gnu | Gnutls | 3.6.10 | All | All | All |
| Application | Gnu | Gnutls | 3.6.1 | All | All | All |
| Application | Gnu | Gnutls | 3.6.0 | All | All | All |
| Application | Gnu | Gnutls | 3.5.9 | All | All | All |
| Application | Gnu | Gnutls | 3.5.8 | All | All | All |
| Application | Gnu | Gnutls | 3.5.7 | All | All | All |
| Application | Gnu | Gnutls | 3.5.6 | All | All | All |