VDB
GSD-2014-0092
GSD-2014-0092
PUBLISHED
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Mar 30, 2013 CVE Published
- Mar 30, 2026 Distribution Patch
- Mar 30, 2026 Distribution Patch
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
References
- 57321 third-party-advisory
- 57260 third-party-advisory
- RHSA-2014:0288 vendor-advisory
- http://gnutls.org/security.html#GNUTLS-SA-2014-2 url
- SUSE-SU-2014:0445 vendor-advisory
- 57274 third-party-advisory
- SUSE-SU-2014:0319 vendor-advisory
- RHSA-2014:0247 vendor-advisory
- 65919 vdb
- SUSE-SU-2014:0320 vendor-advisory
- SUSE-SU-2014:0322 vendor-advisory
- SUSE-SU-2014:0324 vendor-advisory
- 57254 third-party-advisory
- RHSA-2014:0339 vendor-advisory
- 56933 third-party-advisory
- SUSE-SU-2014:0323 vendor-advisory
- RHSA-2014:0246 vendor-advisory
- SUSE-SU-2014:0321 vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1069865 url
- USN-2127-1 vendor-advisory
…and 6 more