Количество 8
Количество 8
CVE-2016-7444
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
CVE-2016-7444
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
CVE-2016-7444
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
CVE-2016-7444
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS b ...
GHSA-3ccg-r3xv-q4cg
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
openSUSE-SU-2017:0386-1
Security update for gnutls
SUSE-SU-2017:0348-1
Security update for gnutls
ELSA-2017-2292
ELSA-2017-2292: gnutls security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-7444 The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. | CVSS3: 7.5 | 1% Низкий | почти 9 лет назад |
 | CVE-2016-7444 The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. | CVSS3: 5.3 | 1% Низкий | почти 9 лет назад |
 | CVE-2016-7444 The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. | CVSS3: 7.5 | 1% Низкий | почти 9 лет назад |
| CVE-2016-7444 The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS b ... | CVSS3: 7.5 | 1% Низкий | почти 9 лет назад |
| GHSA-3ccg-r3xv-q4cg The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. | CVSS3: 7.5 | 1% Низкий | около 3 лет назад |
 | openSUSE-SU-2017:0386-1 Security update for gnutls | больше 8 лет назад | ||
| SUSE-SU-2017:0348-1 Security update for gnutls | больше 8 лет назад | ||
| ELSA-2017-2292 ELSA-2017-2292: gnutls security, bug fix, and enhancement update (MODERATE) | почти 8 лет назад |
Уязвимостей на страницу