Search CVE reports
31 – 40 of 51 results
CVE-2015-7575
Medium prioritySome fixes available 38 of 44
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol...
12 affected packages
firefox, gnutls26, gnutls28, mbedtls, nss...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | Fixed | Fixed |
| gnutls26 | — | — | — | Not in release | Not in release |
| gnutls28 | — | — | — | Not affected | Not affected |
| mbedtls | — | — | — | Not affected | Not affected |
| nss | — | — | — | Not affected | Not affected |
| openjdk-6 | — | — | — | Not in release | Not in release |
| openjdk-7 | — | — | — | Not in release | Not in release |
| openjdk-8 | — | — | — | Not affected | Not affected |
| openssl | — | — | — | Not affected | Not affected |
| openssl098 | — | — | — | Not in release | Not in release |
| polarssl | — | — | — | Not in release | Not in release |
| thunderbird | — | — | — | Fixed | Fixed |
CVE-2015-8313
Medium priorityGnuTLS incorrectly validates the first byte of padding in CBC modes
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
CVE-2015-6251
Medium priorityDouble free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | Not in release | Not in release |
| gnutls28 | — | — | — | Fixed | Fixed |
CVE-2015-4000
Medium prioritySome fixes available 48 of 55
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks...
11 affected packages
apache2, firefox, gnutls26, gnutls28, nss...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| apache2 | — | — | — | Not affected | Not affected |
| firefox | — | — | — | Fixed | Fixed |
| gnutls26 | — | — | — | Not in release | Not in release |
| gnutls28 | — | — | — | Not affected | Not affected |
| nss | — | — | — | Fixed | Fixed |
| openjdk-6 | — | — | — | Not in release | Not in release |
| openjdk-7 | — | — | — | Not in release | Not in release |
| openjdk-8 | — | — | — | Not affected | Not affected |
| openssl | — | — | — | Not affected | Not affected |
| openssl098 | — | — | — | Not in release | Not in release |
| thunderbird | — | — | — | Fixed | Fixed |
CVE-2015-3308
Low priorityDouble free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
CVE-2015-0282
Medium prioritySome fixes available 3 of 5
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | Not in release |
| gnutls28 | — | — | — | — | Not affected |
CVE-2015-0294
Low prioritySome fixes available 13 of 15
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | Not in release | Not in release |
| gnutls28 | — | — | — | Fixed | Fixed |
CVE-2014-8155
Low priorityGnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2)...
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | — | — |
| gnutls28 | — | — | — | — | — |
CVE-2014-8564
Medium prioritySome fixes available 10 of 11
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1)...
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | Not in release | Not in release |
| gnutls28 | — | — | — | Fixed | Fixed |
CVE-2014-3465
Medium priorityThe gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related...
2 affected packages
gnutls26, gnutls28
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gnutls26 | — | — | — | Not in release | Not in release |
| gnutls28 | — | — | — | Not affected | Not affected |