QwikSec

Security Database

CVE

CWE

Training

CVE-2017-5334

Published: Mar 24, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20170110 CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

[oss-security] 20170110 Re: CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8

mailing-list

x_refsource_MLIST

https://gnutls.org/security.html#GNUTLS-SA-2017-1

x_refsource_CONFIRM

openSUSE-SU-2017:0386

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_GENTOO

https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.