CVE-2024-28835

Опубликовано: 21 мар. 2024

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5

Описание

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

Релиз	Статус	Примечание
devel	released	3.8.3-1.1ubuntu3.1
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	3.6.13-2ubuntu1.10
esm-infra/xenial	not-affected	code not present
focal	not-affected	3.6.13-2ubuntu1.10
jammy	released	3.7.3-4ubuntu1.5
mantic	released	3.8.1-4ubuntu1.3
noble	released	3.8.3-1.1ubuntu3.1
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 2%

0.00014

Низкий

5 Medium

CVSS3

Связанные уязвимости

CVE-2024-28835

CVSS3: 5

redhat

больше 1 года назад

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

CVE-2024-28835

CVSS3: 5

nvd

больше 1 года назад

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

CVE-2024-28835

CVSS3: 5

msrc

около 1 года назад

Описание отсутствует

CVE-2024-28835

CVSS3: 5

debian

больше 1 года назад

A flaw has been discovered in GnuTLS where an application crash can be ...

GHSA-ffpf-5h29-w36w

CVSS3: 5

github

больше 1 года назад

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

EPSS

Процентиль: 2%

0.00014

Низкий

5 Medium

CVSS3

CVE-2024-28835

Описание

Пакет gnutls28

Ссылки на источники

Связанные уязвимости