CVE-2014-3465
CVE-2014-3465 is a medium-severity vulnerability in Gnu Gnutls with a CVSS 2.0 base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 7% (93rd percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Gnu Gnutls
- Published:
- Last modified:
Description
The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN.
Frequently asked questions
- What is CVE-2014-3465?
- The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN.
- How severe is CVE-2014-3465?
- CVE-2014-3465 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2014-3465 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 7% (93rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2014-3465?
- CVE-2014-3465 primarily affects Gnu Gnutls. In total, 60 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2014-3465?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2014-3465 published?
- CVE-2014-3465 was published on 2014-06-10 and last updated on 2026-06-17.
References
- http://lists.gnutls.org/pipermail/gnutls-help/2014-January/003326.html
- http://lists.gnutls.org/pipermail/gnutls-help/2014-January/003327.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html
- http://rhn.redhat.com/errata/RHSA-2014-0684.html
- http://secunia.com/advisories/59086
- https://bugzilla.redhat.com/show_bug.cgi?id=1101734
- https://www.gitorious.org/gnutls/gnutls/commit/d3648ebb04b650e6d20a2ec1fb839256b30b9fc6
Affected products (60)
- cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.27:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.1.10:*:*:*:*:*:*:*
More vulnerabilities in Gnu Gnutls
- CVE-2008-1948 — Critical (CVSS 10.0): The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before…
- CVE-2021-20232 — Critical (CVSS 9.8): A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory…
- CVE-2021-20231 — Critical (CVSS 9.8): A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption…
- CVE-2017-5337 — Critical (CVSS 9.8): Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8…
- CVE-2017-5336 — Critical (CVSS 9.8): Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x…
- CVE-2017-5334 — Critical (CVSS 9.8): Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8…