VulnerableCode Package Details - pkg:alpm/archlinux/lib32-gnutls@3.4.15-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-jtkx-8qe5-aaap Aliases: CVE-2017-7507	GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.	3.5.13-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-jtkx-8qe5-aaap
Aliases:
CVE-2017-7507

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.

3.5.13-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6jvx-nbvu-aaaq	The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.	CVE-2016-7444

Vulnerability

Summary

Aliases

VCID-6jvx-nbvu-aaaq

The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.

CVE-2016-7444

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:47:01.492575+00:00	Arch Linux Importer	Fixing	VCID-6jvx-nbvu-aaaq	https://security.archlinux.org/AVG-17	36.0.0
2025-03-28T07:46:58.917732+00:00	Arch Linux Importer	Affected by	VCID-jtkx-8qe5-aaap	https://security.archlinux.org/AVG-295	36.0.0
2024-11-24T22:48:33.515114+00:00	Arch Linux Importer	Fixing	VCID-6jvx-nbvu-aaaq	https://security.archlinux.org/AVG-17	35.0.0
2024-11-24T22:48:33.232544+00:00	Arch Linux Importer	Affected by	VCID-jtkx-8qe5-aaap	https://security.archlinux.org/AVG-295	35.0.0
2024-09-18T02:02:23.840543+00:00	Arch Linux Importer	Fixing	VCID-6jvx-nbvu-aaaq	https://security.archlinux.org/AVG-17	34.0.1
2024-09-18T02:02:20.663091+00:00	Arch Linux Importer	Affected by	VCID-jtkx-8qe5-aaap	https://security.archlinux.org/AVG-295	34.0.1
2024-01-03T22:28:25.202083+00:00	Arch Linux Importer	Fixing	VCID-6jvx-nbvu-aaaq	https://security.archlinux.org/AVG-17	34.0.0rc1
2024-01-03T22:28:22.328808+00:00	Arch Linux Importer	Affected by	VCID-jtkx-8qe5-aaap	https://security.archlinux.org/AVG-295	34.0.0rc1