Search CVE reports
51 – 60 of 71 results
Some fixes available 38 of 44
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol...
12 affected packages
firefox, gnutls26, gnutls28, mbedtls, nss...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | Fixed |
| gnutls26 | — | — | — | — | Not in release |
| gnutls28 | — | — | — | — | Not affected |
| mbedtls | — | — | — | — | Not affected |
| nss | — | — | — | — | Not affected |
| openjdk-6 | — | — | — | — | Not in release |
| openjdk-7 | — | — | — | — | Not in release |
| openjdk-8 | — | — | — | — | Not affected |
| openssl | — | — | — | — | Not affected |
| openssl098 | — | — | — | — | Not in release |
| polarssl | — | — | — | — | Not in release |
| thunderbird | — | — | — | — | Fixed |
GnuTLS incorrectly validates the first byte of padding in CBC modes
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | Not in release |
| gnutls28 | — | — | — | — | Fixed |
Some fixes available 48 of 55
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks...
11 affected packages
gnutls26, apache2, firefox, gnutls28, nss...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | Not in release |
| apache2 | — | — | — | — | Not affected |
| firefox | — | — | — | — | Fixed |
| gnutls28 | — | — | — | — | Not affected |
| nss | — | — | — | — | Fixed |
| openjdk-6 | — | — | — | — | Not in release |
| openjdk-7 | — | — | — | — | Not in release |
| openjdk-8 | — | — | — | — | Not affected |
| openssl | — | — | — | — | Not affected |
| openssl098 | — | — | — | — | Not in release |
| thunderbird | — | — | — | — | Fixed |
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
Some fixes available 3 of 5
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
Some fixes available 13 of 15
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | Not in release |
| gnutls28 | — | — | — | — | Fixed |
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2)...
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
Some fixes available 10 of 11
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1)...
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | Not in release |
| gnutls28 | — | — | — | — | Fixed |
The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related...
2 affected packages
gnutls26, gnutls28
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | Not in release |
| gnutls28 | — | — | — | — | Not affected |