Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/gnutls@3.3.29-8?arch=el7
purl pkg:rpm/redhat/gnutls@3.3.29-8?arch=el7
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 2.6
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-q3g5-4xaf-hudf
Aliases:
CVE-2018-10846
gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery There are no reported fixed by versions.
VCID-vz27-wyaf-tkcr
Aliases:
CVE-2018-10845
gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant There are no reported fixed by versions.
VCID-zjx8-ydmt-juf3
Aliases:
CVE-2018-10844
gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T14:22:35.112477+00:00 RedHat Importer Affected by VCID-q3g5-4xaf-hudf https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10846.json 38.0.0
2026-04-01T14:22:35.085519+00:00 RedHat Importer Affected by VCID-vz27-wyaf-tkcr https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10845.json 38.0.0
2026-04-01T14:22:35.058451+00:00 RedHat Importer Affected by VCID-zjx8-ydmt-juf3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10844.json 38.0.0