Software Detail
GnuTLS
Number of NVD vulnerabilities: 72 (CRITICAL 7, HIGH 29, MEDIUM 36, LOW 0)
URL https://www.gnutls.org/
Explanation GnuTLS is an open source library for the SSL and TLS protocols.
The Linux-based library aims to provide a backend for secure and safe communication.
Tag
  • LGPL 2.1+
  • Open source

Add Information URL
No Type Name URL
1 https://www.gnutls.org/download.html
2 https://www.gnutls.org/security-new.html
3 https://gitlab.com/gnutls/gnutls
4 https://www.gnutls.org/index.html
5 https://gnutls.org/support.html

List Of Product
No, Name, Latest Version, Release date, Initial release, Normal Support, Security Support / Service Pack Support, Extended (for a fee), Critical, High, Medium, Low
1 GnuTLS 3.8 3.8.11 Nov. 20, 2025 March 20, 2024 0 3 0 0
2 GnuTLS 3.7 3.7.11 May 27, 2024 Dec. 2, 2020 2 4 1 0
3 GnuTLS 3.6 3.6.16 May 24, 2021 Aug. 21, 2017 2 9 5 0
4 GnuTLS 3.5 3.5.19 July 16, 2018 May 9, 2016 3 10 7 0
5 GnuTLS 3.4 3.4.17 Dec. 8, 2016 April 8, 2015 0 9 8 0
6 GnuTLS 3.3 3.3.30 July 16, 2018 April 10, 2014 3 11 10 0
7 GnuTLS 3.2 3.2.21 Dec. 11, 2014 May 10, 2013 Jan. 1, 1970 3 11 14 0
8 GnuTLS 3.2 3.2.9 3 11 14 0
9 GnuTLS 3.1 3.1.9 3 11 15 0
10 GnuTLS 3.0 3.0.9 3 12 18 0
11 GnuTLS 2.8 2.8.6 3 13 18 0
12 GnuTLS 2.7 2.7.6 3 13 20 0
13 GnuTLS 2.6 2.6.6 3 14 23 0
14 GnuTLS 2.5 2.5.0 3 14 23 0
15 GnuTLS 2.4 2.4.3 3 14 23 0
16 GnuTLS 2.3 2.3.9 3 16 24 0
17 GnuTLS 2.2 2.2.5 3 15 24 0
18 GnuTLS 2.12 2.12.9 3 12 18 0
19 GnuTLS 2.10 2.10.5 3 12 16 0
20 GnuTLS 2.1 2.1.8 3 15 26 0
21 GnuTLS 2.0 2.0.4 3 15 24 0
22 GnuTLS 1.7 1.7.9 3 15 22 0
23 GnuTLS 1.6 1.6.3 3 15 22 0
24 GnuTLS 1.5 1.5.5 3 15 23 0
25 GnuTLS 1.4 1.4.5 3 15 24 0
26 GnuTLS 1.3 1.3.5 3 15 24 0
27 GnuTLS 1.2 1.2.9 3 16 25 0
28 GnuTLS 1.1 1.1.23 3 16 24 0
29 GnuTLS 1.0 1.0.25 3 17 25 0
NVD Vulnerability Information
No, CVSS3, CVSS2, Level, Attack Vector, Title, CWE, CVE, cpe23Uri (or higher / or less / more than / less than), Update date, Published date
No: 1
CVSS3: 9.8, CVSS2: -, Level: CRITICAL, Attack Vector: Network
Title: A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacke…
CWE: CWE-626 Null Byte Interaction Error (Poison Null Byte)
CVE: CVE-2026-42010
cpe23Uri: cpe:2.3:a:gnu:gnutls:-:*
Update date: 2026-05-13 22:54
Published date: 2026-05-7

No: 2
CVSS3: 7.4, CVSS2: -, Level: HIGH, Attack Vector: Network
Title: A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constrai…
CWE: CWE-178 Improper Handling of Case Sensitivity
CVE: CVE-2026-3833
cpe23Uri: cpe:2.3:a:gnu:gnutls:-:*
Update date: 2026-05-7 11:09
Published date: 2026-05-1

No: 3
CVSS3: 9.1, CVSS2: -, Level: CRITICAL, Attack Vector: Network
Title: A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This…
CWE: CWE-191 Integer Underflow (Wrap or Wraparound)
CVE: CVE-2026-33845
cpe23Uri: cpe:2.3:a:gnu:gnutls:-:*
Update date: 2026-05-5 12:03
Published date: 2026-05-1

No: 4
CVSS3: 7.5, CVSS2: -, Level: HIGH, Attack Vector: Network
Title: A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value duri…
CWE: CWE-476 NULL Pointer Dereference
CVE: CVE-2026-1584
cpe23Uri: cpe:2.3:a:gnu:gnutls:-:*
Update date: 2026-04-22 09:39
Published date: 2026-04-10

No: 5
CVSS3: 8.2, CVSS2: -, Level: HIGH, Attack Vector: Network
Title: A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an …
CWE: CWE-122 Heap-based Buffer Overflow
CVE: CVE-2025-32990
cpe23Uri: cpe:2.3:a:gnu:gnutls:-:*
Update date: 2026-04-21 07:16
Published date: 2025-07-10

No: 6
CVSS3: 5.3, CVSS2: -, Level: MEDIUM, Attack Vector: Network
Title: A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw a…
CWE: CWE-295 Improper Certificate Validation
CVE: CVE-2025-32989
cpe23Uri: cpe:2.3:a:gnu:gnutls:-:*
Update date: 2026-04-21 07:16
Published date: 2025-07-10

No: 7
CVSS3: 8.2, CVSS2: -, Level: HIGH, Attack Vector: Network
Title: A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If …
CWE: CWE-415 Double Free
CVE: CVE-2025-32988
cpe23Uri: cpe:2.3:a:gnu:gnutls:*:* 3.8.10
Update date: 2026-04-21 07:16
Published date: 2025-07-10

No: 8
CVSS3: 7.5, CVSS2: -, Level: HIGH, Attack Vector: Network
Title: A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certifi…
CWE: CWE-347 Improper Verification of Cryptographic Signature
CVE: CVE-2024-0567
cpe23Uri: cpe:2.3:a:gnu:gnutls:*:* 3.7.0 3.8.3
Update date: 2024-11-21 17:46
Published date: 2024-01-16

No: 9
CVSS3: 7.5, CVSS2: -, Level: HIGH, Attack Vector: Network
Title: A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issu…
CWE: CWE-203 Information Exposure Through Discrepancy
CVE: CVE-2024-0553
cpe23Uri: cpe:2.3:a:gnu:gnutls:*:* 3.8.3
Update date: 2024-11-21 17:46
Published date: 2024-01-16

No: 10
CVSS3: 5.9, CVSS2: -, Level: MEDIUM, Attack Vector: Network
Title: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
CWE: CWE-203 Information Exposure Through Discrepancy
CVE: CVE-2023-5981
cpe23Uri: cpe:2.3:a:gnu:gnutls:1.5.0:*
Update date: 2024-11-21 17:42
Published date: 2023-11-28