Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GnuTLS 拒绝服务漏洞
Vulnerability Description
GnuTLS是比利时Nikos Mavrogiannopoulos和瑞典Simon Josefsson软件开发者共同研发的一个免费的用于实现SSL、TLS和DTLS协议的安全通信库。 GnuTLS的gnutls_ecc.c文件中的‘_gnutls_ecc_ansi_x963_export’函数存在安全漏洞。远程攻击者可借助特制的Elliptic Curve Cryptography(ECC)证书或certificate signing requests(CSR)利用该漏洞造成拒绝服务(越边界写入)。以下版
CVSS Information
N/A
Vulnerability Type
N/A