Количество 10
Количество 10
GHSA-cv49-m792-xmjv
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation the TLS server always uses wrong data in place of an encryption key derived from an application.
CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting ...
openSUSE-SU-2020:0790-1
Security update for gnutls
SUSE-SU-2020:1584-1
Security update for gnutls
ROS-20240704-11
Уязвимость gnutls
ELSA-2020-2637
ELSA-2020-2637: gnutls security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-cv49-m792-xmjv GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. | CVSS3: 7.4 | 2% Низкий | больше 3 лет назад |
 | CVE-2020-13777 GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. | CVSS3: 7.4 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-13777 GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. | CVSS3: 7.4 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-13777 GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. | CVSS3: 7.4 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-13777 GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation the TLS server always uses wrong data in place of an encryption key derived from an application. | CVSS3: 7.4 | 2% Низкий | больше 5 лет назад |
| CVE-2020-13777 GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting ... | CVSS3: 7.4 | 2% Низкий | больше 5 лет назад |
 | openSUSE-SU-2020:0790-1 Security update for gnutls | 2% Низкий | больше 5 лет назад | |
| SUSE-SU-2020:1584-1 Security update for gnutls | 2% Низкий | больше 5 лет назад | |
 | ROS-20240704-11 Уязвимость gnutls | CVSS3: 7.4 | 2% Низкий | больше 1 года назад |
| ELSA-2020-2637 ELSA-2020-2637: gnutls security update (IMPORTANT) | больше 5 лет назад |
Уязвимостей на страницу