Search for packages
| purl | pkg:deb/debian/gnutls26@2.12.20-8%2Bdeb7u5 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-13xf-5uk1-aaaa
Aliases: CVE-2014-1959 |
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. | There are no reported fixed by versions. |
|
VCID-stcz-2fq5-aaap
Aliases: CVE-2014-0092 |
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-13xf-5uk1-aaaa | lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. |
CVE-2014-1959
|
| VCID-2zab-6bzp-aaae | Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. |
CVE-2015-7575
|
| VCID-3cjv-9a1e-aaae | Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. |
CVE-2014-3466
|
| VCID-dv9u-5h4j-aaae | GnuTLS incorrectly validates the first byte of padding in CBC modes |
CVE-2015-8313
|
| VCID-sj73-kvv9-aaad | CVE-2013-2116 gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2) |
CVE-2013-2116
|
| VCID-stcz-2fq5-aaap | lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. |
CVE-2014-0092
|
| VCID-uxsr-unmu-aaak | GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. |
CVE-2015-0282
|
| VCID-wm9w-3u2d-aaap | GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. |
CVE-2015-0294
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T09:19:21.301228+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:15:21.807281+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:14:43.959359+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:11:27.848408+00:00 | Debian Oval Importer | Fixing | VCID-wm9w-3u2d-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:11:06.202827+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:04:43.363322+00:00 | Debian Oval Importer | Fixing | VCID-3cjv-9a1e-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:03:39.837622+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:00:21.732491+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-20T19:40:22.042438+00:00 | Debian Oval Importer | Affected by | VCID-13xf-5uk1-aaaa | None | 36.1.3 |
| 2025-06-20T19:39:53.293679+00:00 | Debian Oval Importer | Affected by | VCID-stcz-2fq5-aaap | None | 36.1.3 |
| 2025-06-20T19:30:52.625707+00:00 | Debian Oval Importer | Fixing | VCID-3cjv-9a1e-aaae | None | 36.1.3 |
| 2025-06-20T19:27:56.626908+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | None | 36.1.3 |
| 2025-06-20T19:26:07.725171+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | None | 36.1.3 |
| 2025-06-20T19:25:39.298693+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | None | 36.1.3 |
| 2025-06-20T19:23:08.185153+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | None | 36.1.3 |
| 2025-06-20T19:21:48.530530+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | None | 36.1.3 |
| 2025-06-20T19:20:39.656588+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | None | 36.1.3 |
| 2025-06-08T03:07:11.731546+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:03:04.613298+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:02:24.420124+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:58:56.930432+00:00 | Debian Oval Importer | Fixing | VCID-wm9w-3u2d-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:58:32.725204+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:51:46.735405+00:00 | Debian Oval Importer | Fixing | VCID-3cjv-9a1e-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:50:40.108261+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:47:11.962869+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-07T13:34:22.334032+00:00 | Debian Oval Importer | Affected by | VCID-13xf-5uk1-aaaa | None | 36.1.0 |
| 2025-06-07T13:34:01.498286+00:00 | Debian Oval Importer | Affected by | VCID-stcz-2fq5-aaap | None | 36.1.0 |
| 2025-06-07T13:27:38.623508+00:00 | Debian Oval Importer | Fixing | VCID-3cjv-9a1e-aaae | None | 36.1.0 |
| 2025-06-07T13:25:29.077500+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | None | 36.1.0 |
| 2025-06-07T13:24:12.712864+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | None | 36.1.0 |
| 2025-06-07T13:23:49.660100+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | None | 36.1.0 |
| 2025-06-07T13:21:59.041299+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | None | 36.1.0 |
| 2025-06-07T13:21:22.923495+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | None | 36.1.0 |
| 2025-06-07T13:20:12.148757+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | None | 36.1.0 |
| 2025-06-03T13:24:47.807981+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | None | 36.1.2 |
| 2025-06-03T13:23:30.660555+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | None | 36.1.2 |
| 2025-06-03T13:23:08.436457+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | None | 36.1.2 |
| 2025-06-03T13:21:22.639604+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | None | 36.1.2 |
| 2025-06-03T13:20:46.484978+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | None | 36.1.2 |
| 2025-06-03T13:19:39.996646+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | None | 36.1.2 |
| 2025-04-08T01:34:25.601174+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:30:12.299856+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:29:33.066278+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:26:04.442110+00:00 | Debian Oval Importer | Fixing | VCID-wm9w-3u2d-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:25:42.216281+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:19:01.659864+00:00 | Debian Oval Importer | Fixing | VCID-3cjv-9a1e-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:17:53.203546+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:14:21.667520+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T12:09:48.688574+00:00 | Debian Oval Importer | Affected by | VCID-13xf-5uk1-aaaa | None | 36.0.0 |
| 2025-04-07T12:09:27.560241+00:00 | Debian Oval Importer | Affected by | VCID-stcz-2fq5-aaap | None | 36.0.0 |
| 2025-04-07T12:03:10.136566+00:00 | Debian Oval Importer | Fixing | VCID-3cjv-9a1e-aaae | None | 36.0.0 |
| 2025-04-07T12:01:00.300545+00:00 | Debian Oval Importer | Fixing | VCID-stcz-2fq5-aaap | None | 36.0.0 |
| 2025-04-07T11:59:42.487226+00:00 | Debian Oval Importer | Fixing | VCID-13xf-5uk1-aaaa | None | 36.0.0 |
| 2025-04-07T11:59:19.472660+00:00 | Debian Oval Importer | Fixing | VCID-uxsr-unmu-aaak | None | 36.0.0 |
| 2025-04-07T11:57:29.784300+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | None | 36.0.0 |
| 2025-04-07T11:56:53.888049+00:00 | Debian Oval Importer | Fixing | VCID-2zab-6bzp-aaae | None | 36.0.0 |
| 2025-04-07T11:55:44.899192+00:00 | Debian Oval Importer | Fixing | VCID-dv9u-5h4j-aaae | None | 36.0.0 |
| 2024-12-28T17:24:28.531170+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 35.0.0 |
| 2024-10-15T06:57:52.523086+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.2 |
| 2024-10-05T04:57:51.006609+00:00 | Debian Oval Importer | Fixing | VCID-sj73-kvv9-aaad | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.1 |