Suggestions search

Untriaged

Filter by:

With package: python312Packages.python3-gnutls

Found 3 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-1584

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 1 week ago

Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

References

https://access.redhat.com/security/cve/CVE-2026-1584 vdb-entryx_refsource_REDHAT
RHBZ#2435258 issue-trackingx_refsource_REDHAT

Affected products

rhcos

gnutls

Matching in nixpkgs

pkgs.gnutls

GNU Transport Layer Security Library

nixos-unstable 3.8.12
- nixpkgs-unstable 3.8.12
- nixos-unstable-small 3.8.12
nixos-25.11 3.8.12
- nixos-25.11-small 3.8.12
- nixpkgs-25.11-darwin 3.8.12

pkgs.guile-gnutls

Guile bindings for GnuTLS library

nixos-unstable 5.0.1
- nixpkgs-unstable 5.0.1
- nixos-unstable-small 5.0.1
nixos-25.11 5.0.1
- nixos-25.11-small 5.0.1
- nixpkgs-25.11-darwin 5.0.1

pkgs.python312Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-25.11 python3-gnutls-3.1.10
- nixos-25.11-small python3-gnutls-3.1.10
- nixpkgs-25.11-darwin python3-gnutls-3.1.10

pkgs.python313Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
nixos-25.11 python3-gnutls-3.1.10
- nixos-25.11-small python3-gnutls-3.1.10
- nixpkgs-25.11-darwin python3-gnutls-3.1.10

pkgs.python314Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10

Package maintainers

@vcunat Vladimír Čunát <v@cunat.cz>
@foo-dogsquared Gabriel Arazas <foodogsquared@foodogsquared.one>
@charlieshanley Charlie Hanley <charlieshanley@gmail.com>

Permalink CVE-2015-0294

created 1 month, 4 weeks ago

GnuTLS before 3.3.13 does not validate that the signature algorithms …

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1196323 x_transferredx_refsource_MISC
https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff x_transferredx_refsource_MISC
http://www.debian.org/security/2015/dsa-3191 x_transferredx_refsource_MISC

Affected products

GnuTLS

==before 3.3.13

Matching in nixpkgs

pkgs.gnutls

GNU Transport Layer Security Library

nixos-unstable 3.8.11
- nixpkgs-unstable 3.8.11
- nixos-unstable-small 3.8.11
nixos-25.11 3.8.11
- nixos-25.11-small 3.8.11
- nixpkgs-25.11-darwin 3.8.11

pkgs.guile-gnutls

Guile bindings for GnuTLS library

nixos-unstable 5.0.1
- nixpkgs-unstable 5.0.1
- nixos-unstable-small 5.0.1
nixos-25.11 5.0.1
- nixos-25.11-small 5.0.1
- nixpkgs-25.11-darwin 5.0.1

pkgs.python312Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-25.11 python3-gnutls-3.1.10
- nixos-25.11-small python3-gnutls-3.1.10
- nixpkgs-25.11-darwin python3-gnutls-3.1.10

pkgs.python313Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
nixos-25.11 python3-gnutls-3.1.10
- nixos-25.11-small python3-gnutls-3.1.10
- nixpkgs-25.11-darwin python3-gnutls-3.1.10

pkgs.python314Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10

Package maintainers

@vcunat Vladimír Čunát <v@cunat.cz>
@foo-dogsquared Gabriel Arazas <foodogsquared@foodogsquared.one>
@charlieshanley Charlie Hanley <charlieshanley@gmail.com>

Permalink CVE-2025-9820

4.0 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 2 months, 3 weeks ago

Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.