Search for packages
| purl | pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u5 |
| Next non-vulnerable version | 3.7.9-2+deb12u4 |
| Latest non-vulnerable version | 3.7.9-2+deb12u4 |
| Risk | 2.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1dxg-7s2c-aaap
Aliases: CVE-2024-28834 GNUTLS-SA-2023-12-04 |
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-1v8h-2w89-aaab
Aliases: CVE-2024-28835 GNUTLS-SA-2024-01-23 |
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-e3vt-s12k-suhq
Aliases: CVE-2024-12243 |
gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-11jh-j16s-aaah | gnutls: incomplete fix for CVE-2023-5981 |
CVE-2024-0553
|
| VCID-2c44-4bdp-aaar | gnutls: rejects certificate chain with distributed trust |
CVE-2024-0567
|
| VCID-9q1d-466h-aaan | A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. |
CVE-2023-5981
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T13:31:14.408428+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | None | 36.1.3 |
| 2025-06-22T06:21:50.942852+00:00 | Debian Importer | Fixing | VCID-11jh-j16s-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-22T04:51:54.245626+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T13:33:13.132315+00:00 | Debian Importer | Fixing | VCID-2c44-4bdp-aaar | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T10:10:22.453614+00:00 | Debian Importer | Affected by | VCID-1v8h-2w89-aaab | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-04-13T02:52:20.204302+00:00 | Debian Oval Importer | Affected by | VCID-e3vt-s12k-suhq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:55:20.108645+00:00 | Debian Oval Importer | Affected by | VCID-1v8h-2w89-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:53:38.048571+00:00 | Debian Oval Importer | Affected by | VCID-1dxg-7s2c-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:21:13.181899+00:00 | Debian Oval Importer | Fixing | VCID-2c44-4bdp-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:21:07.175923+00:00 | Debian Oval Importer | Fixing | VCID-11jh-j16s-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T23:23:09.626945+00:00 | Debian Oval Importer | Fixing | VCID-9q1d-466h-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-06T22:14:04.558604+00:00 | Debian Importer | Affected by | VCID-1dxg-7s2c-aaap | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-06T06:54:27.892690+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | None | 36.0.0 |
| 2025-04-06T00:06:27.986319+00:00 | Debian Importer | Fixing | VCID-11jh-j16s-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T22:49:14.637195+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T10:05:55.652762+00:00 | Debian Importer | Fixing | VCID-2c44-4bdp-aaar | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T07:27:36.464651+00:00 | Debian Importer | Affected by | VCID-1v8h-2w89-aaab | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-02-21T21:42:11.255834+00:00 | Debian Importer | Affected by | VCID-1v8h-2w89-aaab | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T21:42:02.187138+00:00 | Debian Importer | Affected by | VCID-1dxg-7s2c-aaap | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T17:54:13.990740+00:00 | Debian Importer | Fixing | VCID-2c44-4bdp-aaar | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T17:53:32.031691+00:00 | Debian Importer | Fixing | VCID-11jh-j16s-aaah | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T17:13:42.645563+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | None | 35.1.0 |
| 2025-02-21T17:13:40.275346+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2024-05-20T15:55:54.251072+00:00 | Debian Importer | Fixing | VCID-2c44-4bdp-aaar | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-20T15:55:39.006377+00:00 | Debian Importer | Fixing | VCID-11jh-j16s-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-20T15:40:08.679123+00:00 | Debian Importer | Fixing | VCID-9q1d-466h-aaan | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |