Описание
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2.11-2ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.2.11-2ubuntu1]] |
| lucid | DNE | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | ignored | end of life |
| trusty | not-affected | 3.2.11-2ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [3.2.11-2ubuntu1] |
| upstream | released | 3.1.16,3.2.6 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ...
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.
EPSS
5 Medium
CVSS2