VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-a18u-4j99-nbf8

Essentials
Severities (40)
References (32)
Severity details (24)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-a18u-4j99-nbf8
Aliases	CVE-2024-0553
Summary	Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-203

Observable Discrepancy

System	Score	Found at
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:0533
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0533
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:0627
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0627
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:0796
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0796
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:1082
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:1082
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:1108
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:1108
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:1383
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:1383
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2024:2094
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:2094
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0553.json
cvssv3.1	7.5	https://access.redhat.com/security/cve/CVE-2024-0553
ssvc	Track	https://access.redhat.com/security/cve/CVE-2024-0553
epss	0.00948	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.00948	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.00948	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.00948	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.00948	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.00948	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
epss	0.01029	https://api.first.org/data/v1/epss?cve=CVE-2024-0553
cvssv3.1	7.5	https://bugzilla.redhat.com/show_bug.cgi?id=2258412
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=2258412
cvssv3.1	5.9	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.5	https://gitlab.com/gnutls/gnutls/-/issues/1522
ssvc	Track	https://gitlab.com/gnutls/gnutls/-/issues/1522
cvssv3.1	7.5	https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html
ssvc	Track	https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0553.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-0553
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0553
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
004841.html		https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html
1061046		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061046
1522		https://gitlab.com/gnutls/gnutls/-/issues/1522
2258412		https://bugzilla.redhat.com/show_bug.cgi?id=2258412
cpe:/a:redhat:enterprise_linux:8::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/a:redhat:enterprise_linux:9::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:logging:5.8::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9
cpe:/a:redhat:openshift_data_foundation:4.15::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9
cpe:/a:redhat:rhel_eus:8.6::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
cpe:/a:redhat:rhel_eus:8.8::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
cpe:/a:redhat:rhel_eus:9.2::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
cpe:/o:redhat:enterprise_linux:6		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8::baseos		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
cpe:/o:redhat:enterprise_linux:9::baseos		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
cpe:/o:redhat:rhel_eus:8.6::baseos		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
cpe:/o:redhat:rhel_eus:8.8::baseos		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
cpe:/o:redhat:rhel_eus:9.2::baseos		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
CVE-2024-0553		https://access.redhat.com/security/cve/CVE-2024-0553
GLSA-202411-06		https://security.gentoo.org/glsa/202411-06
RHSA-2024:0533		https://access.redhat.com/errata/RHSA-2024:0533
RHSA-2024:0627		https://access.redhat.com/errata/RHSA-2024:0627
RHSA-2024:0796		https://access.redhat.com/errata/RHSA-2024:0796
RHSA-2024:1082		https://access.redhat.com/errata/RHSA-2024:1082
RHSA-2024:1108		https://access.redhat.com/errata/RHSA-2024:1108
RHSA-2024:1383		https://access.redhat.com/errata/RHSA-2024:1383
RHSA-2024:2094		https://access.redhat.com/errata/RHSA-2024:2094
USN-6593-1		https://usn.ubuntu.com/6593-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:0533

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:0533

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:0627

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:0627

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:0796

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:0796

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:1082

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:1082

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:1108

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:1108

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:1383

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:1383

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:2094

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:2094

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0553.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2024-0553

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://access.redhat.com/security/cve/CVE-2024-0553

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2258412

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2258412

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://gitlab.com/gnutls/gnutls/-/issues/1522

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://gitlab.com/gnutls/gnutls/-/issues/1522

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/ Found at https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.76371
EPSS Score	0.00948
Published At	April 21, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:03:04.382497+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/202411-06	38.0.0