Browse all 5 CVE security advisories affecting gnutls. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GnuTLS serves as a critical implementation of TLS and SSL protocols, enabling secure communications for applications and systems. Historically, vulnerabilities have included buffer overflows leading to remote code execution, denial-of-service flaws, and certificate validation issues. While not as widely impacted as some alternatives, the project has faced security incidents such as the 2014 "goto fail" bug and a 2020 memory corruption flaw. The library maintains a strong focus on security through rigorous code review and regular updates, though its smaller ecosystem compared to OpenSSL means fewer eyes on potential issues. Currently, five CVEs highlight ongoing security considerations for implementations relying on this foundational cryptographic library.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2015-0294 | GnuTLS 信任管理问题漏洞 — GnuTLS | 7.5 | - | 2020-01-27 |
| CVE-2019-3836 | GnuTLS 缓冲区错误漏洞 — gnutlsCWE-456 | 9.1 | - | 2019-04-01 |
| CVE-2019-3829 | gnutls 资源管理错误漏洞 — gnutlsCWE-416 | 7.5 | - | 2019-03-27 |
| CVE-2017-7507 | GnuTLS 安全漏洞 — gnutls | 7.5 | - | 2017-06-16 |
This page lists every published CVE security advisory associated with gnutls. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.