Lucene search

K

Veracode Vulnerability DatabaseVERACODE:39240

HistoryFeb 12, 2023 - 7:18 p.m.

Man-in-the-Middle (MitM)

2023-02-1219:18:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

25

gnutls

vulnerability

remote attacker

decrypt

information

EPSS

0.002

Percentile

57.1%

gnutls is vulnerable to Man-in-the-Middle (MitM). The vulnerability exists due to an error in the TLS RSA key exchange and allows remote attacker to decrypt the information.

References

access.redhat.com/security/cve/CVE-2023-0361

github.com/tlsfuzzer/tlsfuzzer/pull/679

gitlab.com/gnutls/gnutls/-/issues/1050

lists.debian.org/debian-lts-announce/2023/02/msg00015.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/

lists.fedoraproject.org/archives/list/[email protected]/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/

lists.fedoraproject.org/archives/list/[email protected]/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/

lists.fedoraproject.org/archives/list/[email protected]/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/

secdb.alpinelinux.org/edge/main.yaml

secdb.alpinelinux.org/v3.14/main.yaml

secdb.alpinelinux.org/v3.15/main.yaml

secdb.alpinelinux.org/v3.16/main.yaml

secdb.alpinelinux.org/v3.17/main.yaml

security.netapp.com/advisory/ntap-20230324-0005/

security.netapp.com/advisory/ntap-20230725-0005/

EPSS

0.002

Percentile

57.1%