pkg:Alpine/gnutls

All known vulnerabilities

• CRITICAL9.8CVE-2026-42010A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• CRITICAL9.8CVE-2021-20232A flaw was found in gnutls.
  from 0, < 3.6.15-r1
• CRITICAL9.8CVE-2021-20231A flaw was found in gnutls.
  from 0, < 3.6.15-r1
• CRITICAL9.1CVE-2026-33845A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow du…
  from 0, < 3.8.13-r0
• HIGH8.2CVE-2026-5260A flaw was found in libgnutls.
  from 0, < 3.8.13-r0
• HIGH8.2CVE-2026-42013A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• HIGH8.2CVE-2025-32990A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility.
  from 0, < 3.8.12-r0
• HIGH8.2CVE-2025-32988gnutls28 - security update
  from 0, < 3.8.12-r0
• HIGH7.5CVE-2026-42009A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• HIGH7.5CVE-2026-33846A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS.
  from 0, < 3.8.13-r0
• HIGH7.5CVE-2026-1584A flaw was found in gnutls.
  from 0, < 3.8.12-r0
• HIGH7.5CVE-2024-0567A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
  from 0, < 3.8.3-r0
• HIGH7.5CVE-2024-0553gnutls28 - security update
  from 0, < 3.8.3-r0
• HIGH7.5CVE-2022-2509gnutls28 - security update
  from 0, < 3.7.1-r1
• HIGH7.5CVE-2020-24659An issue was discovered in GnuTLS before 3.6.15.
  from 0, < 3.6.15-r0
• HIGH7.5CVE-2019-3836It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later w…
  from 0, < 3.6.7-r0
• HIGH7.5CVE-2019-3829A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7.
  from 0, < 3.6.7-r0
• HIGH7.5CVE-2017-7507gnutls28 - security update
  from 0, < 3.5.13-r0
• HIGH7.5CVE-2016-7444The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length…
  from 0, < 3.4.5-r1
• HIGH7.4CVE-2026-42011A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• HIGH7.4CVE-2026-3833A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• HIGH7.4CVE-2023-0361gnutls28 - security update
  from 0, < 3.7.1-r2
• HIGH7.4CVE-2020-13777gnutls28 - security update
  from 0, < 3.6.14-r0
• HIGH7.4CVE-2020-11501gnutls28 - security update
  from 0, < 3.6.8-r1
• HIGH7.1CVE-2026-42012A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• MEDIUM6.5CVE-2025-6395A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().
  from 0, < 3.8.12-r0
• MEDIUM5.9CVE-2023-5981gnutls28 - security update
  from 0, < 3.8.3-r0
• MEDIUM5.3CVE-2026-42015A flaw was found in gnutls.
  from 0, < 3.8.13-r0
• MEDIUM5.3CVE-2025-14831gnutls28 - security update
  from 0, < 3.8.12-r0
• MEDIUM5.3CVE-2025-32989A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (…
  from 0, < 3.8.12-r0
• MEDIUM5.3CVE-2024-12243gnutls28 - security update
  from 0, < 3.8.12-r0
• MEDIUM5.3CVE-2024-28834gnutls28 - security update
  from 0, < 3.8.4-r0
• MEDIUM5.0CVE-2024-28835A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle us…
  from 0, < 3.8.4-r0
• MEDIUM4.0CVE-2025-9820A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization.
  from 0, < 3.8.12-r0
• LOW3.7CVE-2026-3832A flaw was found in gnutls.
  from 0, < 3.8.13-r0