DEBIAN-CVE-2014-0092

DEBIAN-CVE-2014-0092 PUBLISHED

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Affected Products

Vendor	Product	Versions
Debian:11	gnutls28	0, 0, 0
Debian:13	gnutls28	0, 0, 0
Debian:12	gnutls28	0, 0, 0
Debian:14	gnutls28	0, 0, 0

Exploit Intelligence

glcve_test.go (github-poc)

Timeline

Mar 7, 2014 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2014-0092 advisory

Open in Interactive Console →