VulnerableCode Package Details - pkg:deb/debian/gnutls26@2.8.6-1%2Bsqueeze3

Search for packages

Package details: pkg:deb/debian/gnutls26@2.8.6-1%2Bsqueeze3

Essentials
History (8)

purl	pkg:deb/debian/gnutls26@2.8.6-1%2Bsqueeze3

Next non-vulnerable version	2.12.20-8+deb7u5
Latest non-vulnerable version	2.12.20-8+deb7u5
Risk	3.4

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-4p9b-sbpx-jfdj Aliases: CVE-2015-8313	security update	2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-7e5p-aazx-tffp Aliases: CVE-2013-2116		2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-7svy-v5cp-u3fd Aliases: CVE-2015-7575	Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services (NSS) where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This issues exposes NSS based clients such as Firefox to theoretical collision-based forgery attacks. This issue was fixed in NSS version 3.20.2.	2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-99hm-5jbk-pyhe Aliases: CVE-2015-0282		2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-jrwh-9nw8-m7fd Aliases: CVE-2014-0092		2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-wb6p-qxqh-7yh3 Aliases: CVE-2014-3466		2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-xyrw-13hg-97ba Aliases: CVE-2014-1959		2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.
VCID-zg6w-4zts-rqbk Aliases: CVE-2015-0294	GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.	2.12.20-8+deb7u5 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T09:40:41.593028+00:00	Debian Oval Importer	Affected by	VCID-4p9b-sbpx-jfdj	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:36:39.046824+00:00	Debian Oval Importer	Affected by	VCID-xyrw-13hg-97ba	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:36:00.667030+00:00	Debian Oval Importer	Affected by	VCID-7svy-v5cp-u3fd	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:32:41.696669+00:00	Debian Oval Importer	Affected by	VCID-zg6w-4zts-rqbk	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:32:19.688574+00:00	Debian Oval Importer	Affected by	VCID-99hm-5jbk-pyhe	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:25:53.426069+00:00	Debian Oval Importer	Affected by	VCID-wb6p-qxqh-7yh3	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:24:48.186946+00:00	Debian Oval Importer	Affected by	VCID-jrwh-9nw8-m7fd	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0
2025-08-01T09:21:29.218606+00:00	Debian Oval Importer	Affected by	VCID-7e5p-aazx-tffp	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0