Описание
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | released | 2.12.23-12ubuntu1 |
| lucid | not-affected | 2.8.5-2ubuntu0.4 |
| precise | released | 2.12.14-5ubuntu3.6 |
| precise/esm | not-affected | 2.12.14-5ubuntu3.6 |
| quantal | released | 2.12.14-5ubuntu4.5 |
| saucy | released | 2.12.23-1ubuntu4.1 |
| trusty | released | 2.12.23-12ubuntu1 |
| trusty/esm | released | 2.12.23-12ubuntu1 |
| upstream | released | 2.12.23-12 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2.11-2ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.2.11-2ubuntu1]] |
| esm-infra/xenial | not-affected | 3.2.11-2ubuntu1 |
| lucid | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| saucy | ignored | end of life |
| trusty | not-affected | 3.2.11-2ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [3.2.11-2ubuntu1] |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 trea ...
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
5.8 Medium
CVSS2