📦 Gnutls

This CVE-2021-20231 is a critical use-after-free vulnerability in GnuTLS that occurs when a client sends a key_share extension, potentially leading to memory corruption. Attackers could exploit this t...

A vulnerability in GnuTLS causes Cockpit to reject certificate chains with distributed trust when using cockpit-certificate-ensure, allowing unauthenticated remote attackers to trigger denial of servi...

This CVE describes a timing side-channel vulnerability in GnuTLS that allows attackers to perform Bleichenbacher-style attacks against RSA encryption. By sending specially crafted messages to vulnerab...

This CVE describes a heap-buffer-overflow vulnerability in GnuTLS's certtool utility when parsing template files. An attacker can trigger memory corruption leading to denial-of-service (system crash)....

A heap-buffer-overread vulnerability in GnuTLS allows attackers to create malicious certificates with malformed Certificate Transparency extensions that leak sensitive information during certificate v...