CVE-2015-0294

Опубликовано: 27 янв. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

Ссылки

http://www.debian.org/security/2015/dsa-3191
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1196323
Issue Tracking
Patch
Third Party Advisory
https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff
Patch
Third Party Advisory
http://www.debian.org/security/2015/dsa-3191
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1196323
Issue Tracking
Patch
Third Party Advisory
https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*

Версия до 3.3.13 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00584

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

CVE-2015-0294

CVSS3: 7.5

ubuntu

почти 6 лет назад

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

CVE-2015-0294

redhat

больше 10 лет назад

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

CVE-2015-0294

CVSS3: 7.5

debian

почти 6 лет назад

GnuTLS before 3.3.13 does not validate that the signature algorithms m ...

SUSE-SU-2015:0735-1

suse-cvrf

больше 10 лет назад

Security update for gnutls

GHSA-xqm3-jfj9-8pf2

CVSS3: 7.5

github

больше 3 лет назад

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

EPSS

Процентиль: 68%

0.00584

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-295