Every CVE whose affected-product data names Gnu Gnutls, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (74)
CVE-2008-1948 — CVSS 10.0 (critical): The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly…
CVE-2017-5337 — CVSS 9.8 (critical): Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers…
CVE-2017-5336 — CVSS 9.8 (critical): Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows…
CVE-2009-3555 — CVSS 9.8 (critical): The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in…
CVE-2017-5334 — CVSS 9.8 (critical): Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote…
CVE-2021-20232 — CVSS 9.8 (critical): A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and…
CVE-2021-20231 — CVSS 9.8 (critical): A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other…
CVE-2008-1949 — CVSS 9.3 (critical): The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process…
CVE-2004-2531 — CVSS 7.8 (high): X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial…
CVE-2008-2377 — CVSS 7.6 (high): Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5…
CVE-2010-0731 — CVSS 7.5 (high): The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the…
CVE-2017-7869 — CVSS 7.5 (high): GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the…
CVE-2017-7507 — CVSS 7.5 (high): GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid…
CVE-2012-1663 — CVSS 7.5 (high): Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or…
CVE-2017-5335 — CVSS 7.5 (high): The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a…
CVE-2016-7444 — CVSS 7.5 (high): The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length…
CVE-2016-4456 — CVSS 7.5 (high): The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the…
CVE-2015-3308 — CVSS 7.5 (high): Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly…
CVE-2014-3468 — CVSS 7.5 (high): The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which…
CVE-2015-0294 — CVSS 7.5 (high): GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
CVE-2026-42009 — CVSS 7.5 (high): A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering…
CVE-2026-33845 — CVSS 7.5 (high): A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow…
CVE-2026-1584 — CVSS 7.5 (high): A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello…
CVE-2024-0567 — CVSS 7.5 (high): A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue…
CVE-2024-0553 — CVSS 7.5 (high): A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response…
CVE-2022-2509 — CVSS 7.5 (high): A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures…
CVE-2009-1416 — CVSS 7.5 (high): lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys…
CVE-2009-2730 — CVSS 7.5 (high): libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2)…
CVE-2020-24659 — CVSS 7.5 (high): An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation…
CVE-2020-13777 — CVSS 7.4 (high): GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an…
CVE-2020-11501 — CVSS 7.4 (high): GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in…
CVE-2023-0361 — CVSS 7.4 (high): A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to…
CVE-2026-42010 — CVSS 7.1 (high): A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames…
CVE-2014-3466 — CVSS 6.8 (medium): Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before…
CVE-2021-4209 — CVSS 6.5 (medium): A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input…
CVE-2026-3833 — CVSS 6.5 (medium): A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels…
CVE-2025-32990 — CVSS 6.5 (medium): A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When…
CVE-2025-32988 — CVSS 6.5 (medium): A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject…
CVE-2008-4989 — CVSS 5.9 (medium): The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which…
CVE-2018-10844 — CVSS 5.9 (medium): It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use…
CVE-2018-10845 — CVSS 5.9 (medium): It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use…
CVE-2019-3836 — CVSS 5.9 (medium): It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later…
CVE-2023-5981 — CVSS 5.9 (medium): A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of…
CVE-2014-1959 — CVSS 5.8 (medium): lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows…
CVE-2009-5138 — CVSS 5.8 (medium): GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate…
CVE-2014-0092 — CVSS 5.8 (medium): lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509…
CVE-2018-16868 — CVSS 5.6 (medium): A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1…
CVE-2018-10846 — CVSS 5.6 (medium): A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker…
CVE-2019-3829 — CVSS 5.3 (medium): A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate…
CVE-2025-32989 — CVSS 5.3 (medium): A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp…
CVE-2009-2409 — CVSS 5.1 (medium): The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k…
CVE-2013-2116 — CVSS 5.0 (medium): The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service…
CVE-2012-1573 — CVSS 5.0 (medium): gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher…
CVE-2012-1569 — CVSS 5.0 (medium): The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not…
CVE-2014-8564 — CVSS 5.0 (medium): The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows…
CVE-2014-3467 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a…
CVE-2005-1431 — CVSS 5.0 (medium): The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly…
CVE-2009-1417 — CVSS 5.0 (medium): gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers…
CVE-2015-6251 — CVSS 5.0 (medium): Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long…
CVE-2014-3465 — CVSS 5.0 (medium): The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to…
CVE-2015-0282 — CVSS 5.0 (medium): GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which…
CVE-2006-7239 — CVSS 5.0 (medium): The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows remote attackers to cause a denial of…
CVE-2006-4790 — CVSS 5.0 (medium): verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.paramete…
CVE-2013-4487 — CVSS 5.0 (medium): Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote…
CVE-2013-4466 — CVSS 5.0 (medium): Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows…
CVE-2014-3469 — CVSS 5.0 (medium): The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a…
CVE-2008-1950 — CVSS 5.0 (medium): Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows…
CVE-2009-1415 — CVSS 4.3 (medium): lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to…
CVE-2011-4128 — CVSS 4.3 (medium): Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when…
CVE-2014-8155 — CVSS 4.3 (medium): GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to…
CVE-2012-0390 — CVSS 4.3 (medium): The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between…
CVE-2013-1619 — CVSS 4.0 (medium): The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel…
CVE-2026-3832 — CVSS 3.7 (low): A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status…