Mod Gnutls Project Mod Gnutls — known CVE vulnerabilities
Every CVE whose affected-product data names Mod Gnutls Project Mod Gnutls, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2009-5144 — CVSS 7.5 (high): mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote…
CVE-2023-25824 — CVSS 7.5 (high): Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read…
CVE-2026-33307 — CVSS 7.5 (high): Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate…
CVE-2026-33308 — CVSS 6.8 (medium): Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not…