EPSS
Percentile
82.8%
libgnutls.so is vulnerable to denial of service (DoS) attacks. An attacker can trigger the attack by sending a malicious OpenPGP certificate to the cdk_pk_get_keyid function in lib/opencdk/pubkey.c, causing a stack-based buffer overflow.
cdk_pk_get_keyid
lib/opencdk/pubkey.c
bugzilla.redhat.com/show_bug.cgi?id=1412236
gitlab.com/gnutls/gnutls/commit/5140422e0d7319a8e2fe07f02cbcafc4d6538732