Search for packages
| purl | pkg:deb/debian/gnutls28@3.5.8-5%2Bdeb9u5 |
| Next non-vulnerable version | 3.7.9-2+deb12u5 |
| Latest non-vulnerable version | 3.7.9-2+deb12u5 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3qcs-1fcj-m3fw
Aliases: CVE-2020-11501 GNUTLS-SA-2020-03-31 |
gnutls: DTLS client hello contains a random value of all zeroes |
Affected by 19 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-6fzu-8998-abdk
Aliases: CVE-2020-13777 GNUTLS-SA-2020-06-03 |
An information disclosure vulnerability in GnuTLS allow remote attackers to obtain sensitive information. |
Affected by 19 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-86j1-j381-cucy
Aliases: CVE-2022-2509 GNUTLS-SA-2022-07-07 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 11 other vulnerabilities. |
|
VCID-92x9-x1ep-cqdn
Aliases: CVE-2024-28834 GNUTLS-SA-2023-12-04 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 0 other vulnerabilities. |
|
VCID-9pdw-udwq-6kbz
Aliases: CVE-2025-9820 GNUTLS-SA-2025-11-18 |
gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function |
Affected by 0 other vulnerabilities. |
|
VCID-a18u-4j99-nbf8
Aliases: CVE-2024-0553 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 8 other vulnerabilities. |
|
VCID-a296-a2f2-kfba
Aliases: CVE-2019-3829 |
Multiple vulnerabilities have been found in GnuTLS, the worst of which could result in a Denial of Service condition. |
Affected by 19 other vulnerabilities. |
|
VCID-abn3-2b4q-z7ga
Aliases: CVE-2023-5981 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 8 other vulnerabilities. |
|
VCID-f5c7-jcd9-67hj
Aliases: CVE-2025-14831 GNUTLS-SA-2026-02-09-2 |
gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification |
Affected by 0 other vulnerabilities. |
|
VCID-gy9e-81rw-pug2
Aliases: CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
Affected by 11 other vulnerabilities. |
|
VCID-jxjc-vjdc-1yfj
Aliases: CVE-2023-0361 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 11 other vulnerabilities. |
|
VCID-k31b-6m7s-pffq
Aliases: CVE-2017-7507 |
A null pointer dereference in GnuTLS might allow attackers to cause a Denial of Service condition. |
Affected by 19 other vulnerabilities. |
|
VCID-k5vv-ts4z-j7g5
Aliases: CVE-2021-20232 |
gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c |
Affected by 11 other vulnerabilities. |
|
VCID-pf5n-65mk-2ff3
Aliases: CVE-2025-32990 GNUTLS-SA-2025-07-08-3 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-q3g5-4xaf-hudf
Aliases: CVE-2018-10846 |
gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery |
Affected by 19 other vulnerabilities. |
|
VCID-qp8x-339r-pbhe
Aliases: CVE-2018-16868 |
gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification |
Affected by 19 other vulnerabilities. |
|
VCID-qtsh-kn2d-h7cr
Aliases: CVE-2024-28835 GNUTLS-SA-2024-01-23 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 0 other vulnerabilities. |
|
VCID-r531-qbtt-akgf
Aliases: CVE-2019-3836 |
Multiple vulnerabilities have been found in GnuTLS, the worst of which could result in a Denial of Service condition. |
Affected by 19 other vulnerabilities. |
|
VCID-sp9u-9wwg-b7e9
Aliases: CVE-2020-24659 GNUTLS-SA-2020-09-04 |
A flaw was found in GnuTLS, possibly allowing a Denial of Service condition. |
Affected by 11 other vulnerabilities. |
|
VCID-uc8j-r79v-n7ck
Aliases: CVE-2025-32988 GNUTLS-SA-2025-07-08-2 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-uws5-j79f-cbar
Aliases: CVE-2021-20231 GNUTLS-SA-2021-03-10 |
gnutls: Use after free in client key_share extension |
Affected by 11 other vulnerabilities. |
|
VCID-vz27-wyaf-tkcr
Aliases: CVE-2018-10845 |
gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant |
Affected by 19 other vulnerabilities. |
|
VCID-w7f6-5b6h-8kh4
Aliases: CVE-2024-0567 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service. |
Affected by 8 other vulnerabilities. |
|
VCID-wqyp-93bk-vbh2
Aliases: CVE-2025-6395 GNUTLS-SA-2025-07-08-4 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-x5jd-qddc-eudq
Aliases: CVE-2024-12243 GNUTLS-SA-2025-02-07 |
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-zjx8-ydmt-juf3
Aliases: CVE-2018-10844 |
gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls |
Affected by 19 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-334s-gdq8-jucy | security update |
CVE-2015-6251
|
| VCID-4f3z-x697-abd5 | gnutls: Out-of-bounds write related to the cdk_pkt_read function (GNUTLS-SA-2017-3) |
CVE-2017-7869
|
| VCID-5aea-cjz1-jkh1 | gnutls: Environment variable GNUTLS_KEYLOGFILE is obtained via insecure getenv() |
CVE-2016-4456
|
| VCID-6u4f-wt5u-8ueb | gnutls: Incorrect certificate validation when using OCSP responses (GNUTLS-SA-2016-3) |
CVE-2016-7444
|
| VCID-egeh-jk4m-sba8 | Multiple vulnerabilities have been found in GnuTLS, the worst of which may allow execution of arbitrary code. |
CVE-2017-5337
|
| VCID-k31b-6m7s-pffq | A null pointer dereference in GnuTLS might allow attackers to cause a Denial of Service condition. |
CVE-2017-7507
|
| VCID-m31f-a3pn-yyb4 | Multiple vulnerabilities have been found in GnuTLS, the worst of which may allow execution of arbitrary code. |
CVE-2017-5335
|
| VCID-mtvm-zj2z-m7gf | Multiple vulnerabilities have been found in GnuTLS, the worst of which may allow execution of arbitrary code. |
CVE-2017-5336
|
| VCID-nce1-q8wc-s3ae | Multiple vulnerabilities have been fixed in GnuTLS, the worst of which can cause Denial of Service |
CVE-2015-3308
|
| VCID-qup9-qy11-fqhe | Multiple vulnerabilities have been found in mbed TLS, the worst of which could lead to the remote execution of arbitrary code. |
CVE-2015-7575
|
| VCID-y71t-sfb1-w3gw | Multiple vulnerabilities have been found in GnuTLS, the worst of which may allow execution of arbitrary code. |
CVE-2017-5334
|