Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-42009 (GCVE-0-2026-42009)
Vulnerability from cvelistv5 – Published: 2026-05-18 12:44 – Updated: 2026-05-27 02:17
VLAI
EPSS
Title
Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
Summary
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
Severity
7.5 (High)
CWE
- CWE-475 - Undefined Behavior for Input to API
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:13274 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:20611 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2026-42009 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467279 | issue-trackingx_refsource_REDHAT |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:3.6.16-8.el8_10.6 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:3.6.16-8.el8_10.6 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos |
|
| Red Hat | Red Hat Hardened Images |
Unaffected:
3.8.13-1.hum1 , < *
(rpm)
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
Date Public
2026-04-29 00:00
Credits
Red Hat would like to thank Joshua Rogers (AISLE Research Team) for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-18T19:05:03.965288Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-18T19:05:35.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.16-8.el8_10.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.16-8.el8_10.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "gnutls-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3.8.13-1.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Joshua Rogers (AISLE Research Team) for reporting this issue."
}
],
"datePublic": "2026-04-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-475",
"description": "Undefined Behavior for Input to API",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T02:17:01.487Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:13274",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"name": "RHSA-2026:20611",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"name": "RHBZ#2467279",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-06T16:32:32.382Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-29T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Gnutls: gnutls: denial of service via dtls packet reordering vulnerability",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-475: Undefined Behavior for Input to API"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-42009",
"datePublished": "2026-05-18T12:44:45.229Z",
"dateReserved": "2026-04-23T11:23:46.516Z",
"dateUpdated": "2026-05-27T02:17:01.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-42009",
"date": "2026-05-27",
"epss": "0.00247",
"percentile": "0.48005"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-42009\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2026-05-18T13:16:32.707\",\"lastModified\":\"2026-05-27T04:16:30.230\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-475\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13274\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20611\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-42009\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2467279\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-42009\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-18T19:05:03.965288Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-18T19:05:20.322Z\"}}], \"cna\": {\"title\": \"Gnutls: gnutls: denial of service via dtls packet reordering vulnerability\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Joshua Rogers (AISLE Research Team) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\", \"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.6.16-8.el8_10.6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"gnutls\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\", \"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.6.16-8.el8_10.6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"gnutls\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.8.13-1.hum1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"gnutls-main\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"gnutls\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"gnutls\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"gnutls\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"gnutls\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-06T16:32:32.382Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-04-29T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2026-04-29T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2026:13274\", \"name\": \"RHSA-2026:13274\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20611\", \"name\": \"RHSA-2026:20611\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2026-42009\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2467279\", \"name\": \"RHBZ#2467279\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-475\", \"description\": \"Undefined Behavior for Input to API\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-05-27T02:17:01.487Z\"}, \"x_redhatCweChain\": \"CWE-475: Undefined Behavior for Input to API\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-42009\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T02:17:01.487Z\", \"dateReserved\": \"2026-04-23T11:23:46.516Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2026-05-18T12:44:45.229Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
alsa-2026:20611
Vulnerability from osv_almalinux
Published
2026-05-26 00:00
Modified
2026-05-27 11:27
Summary
Important: gnutls security update
Details
Please update the gnutls packages to provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
- gnutls: Add more checks to DTLS reassembly (CVE-2026-33846)
- gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)
- gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)
- gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)
- gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)
- gnutls: Fix intersecting empty constraints (CVE-2026-42011)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "gnutls"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.16-8.el8_10.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "gnutls-c++"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.16-8.el8_10.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "gnutls-dane"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.16-8.el8_10.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "gnutls-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.16-8.el8_10.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "gnutls-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.16-8.el8_10.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Please update the gnutls packages to provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. \n\nSecurity Fix(es): \n\n * gnutls: Add more checks to DTLS reassembly (CVE-2026-33846)\n * gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)\n * gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)\n * gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)\n * gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)\n * gnutls: Fix intersecting empty constraints (CVE-2026-42011)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:20611",
"modified": "2026-05-27T11:27:44Z",
"published": "2026-05-26T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-33845"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-33846"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-3833"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42010"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42011"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42012"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42013"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42014"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-42015"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-5260"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2445763"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2450624"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2450625"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2467279"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2467289"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2467437"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2026-20611.html"
}
],
"related": [
"CVE-2026-33846",
"CVE-2026-42009",
"CVE-2026-33845",
"CVE-2026-42010",
"CVE-2026-3833",
"CVE-2026-42011"
],
"summary": "Important: gnutls security update"
}
FKIE_CVE-2026-42009
Vulnerability from fkie_nvd - Published: 2026-05-18 13:16 - Updated: 2026-05-27 04:16
Severity
Summary
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service."
}
],
"id": "CVE-2026-42009",
"lastModified": "2026-05-27T04:16:30.230",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2026-05-18T13:16:32.707",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-475"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
GHSA-9GX7-G5HV-XJJJ
Vulnerability from github – Published: 2026-05-18 15:30 – Updated: 2026-05-27 06:31
VLAI
Details
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2026-42009"
],
"database_specific": {
"cwe_ids": [
"CWE-475"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-18T13:16:32Z",
"severity": "HIGH"
},
"details": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.",
"id": "GHSA-9gx7-g5hv-xjjj",
"modified": "2026-05-27T06:31:34Z",
"published": "2026-05-18T15:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42009"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2026-42009
Vulnerability from csaf_microsoft - Published: 2026-05-02 00:00 - Updated: 2026-05-23 01:01Summary
Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
None Available
|
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42009.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Gnutls: gnutls: denial of service via dtls packet reordering vulnerability",
"tracking": {
"current_release_date": "2026-05-23T01:01:57.000Z",
"generator": {
"date": "2026-05-23T07:14:23.786Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-42009",
"initial_release_date": "2026-05-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-05-23T01:01:57.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 gnutls 0:3.8.3-8.azl3",
"product": {
"name": "azl3 gnutls 0:3.8.3-8.azl3",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "gnutls"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gnutls 0:3.8.3-8.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42009",
"cwe": {
"id": "CWE-475",
"name": "Undefined Behavior for Input to API"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42009.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-05-23T01:01:57.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17084-1"
]
}
],
"title": "Gnutls: gnutls: denial of service via dtls packet reordering vulnerability"
}
]
}
RHSA-2026:13274
Vulnerability from csaf_redhat - Published: 2026-05-02 22:26 - Updated: 2026-05-27 02:18Summary
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Severity
Important
Notes
Topic: An update for Red Hat Hardened Images RPMs is now available.
Details: This update includes the following RPMs:
gnutls:
* gnutls-3.8.13-1.hum1 (aarch64, x86_64)
* gnutls-c++-3.8.13-1.hum1 (aarch64, x86_64)
* gnutls-dane-3.8.13-1.hum1 (aarch64, x86_64)
* gnutls-devel-3.8.13-1.hum1 (aarch64, x86_64)
* gnutls-fips-3.8.13-1.hum1 (aarch64, x86_64)
* gnutls-utils-3.8.13-1.hum1 (aarch64, x86_64)
* mingw32-gnutls-3.8.13-1.hum1 (noarch)
* mingw64-gnutls-3.8.13-1.hum1 (noarch)
* gnutls-3.8.13-1.hum1.src (src)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.
CWE-179 - Incorrect Behavior Order: Early ValidationAffected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.
7.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:gnutls-main@x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
47 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:13274 | self |
| https://images.redhat.com/ | external |
| https://access.redhat.com/security/cve/CVE-2026-33845 | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/security/cve/CVE-2026-3833 | external |
| https://access.redhat.com/security/cve/CVE-2026-3832 | external |
| https://access.redhat.com/security/cve/CVE-2026-33846 | external |
| https://access.redhat.com/security/cve/CVE-2026-42014 | external |
| https://access.redhat.com/security/cve/CVE-2026-42013 | external |
| https://access.redhat.com/security/cve/CVE-2026-42012 | external |
| https://access.redhat.com/security/cve/CVE-2026-42011 | external |
| https://access.redhat.com/security/cve/CVE-2026-42010 | external |
| https://access.redhat.com/security/cve/CVE-2026-42009 | external |
| https://access.redhat.com/security/cve/CVE-2026-5260 | external |
| https://access.redhat.com/security/cve/CVE-2026-42015 | external |
| https://access.redhat.com/security/cve/CVE-2026-5419 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2026-3832 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445762 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-3832 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-3832 | external |
| https://gitlab.com/gnutls/gnutls/-/issues/1801 | external |
| https://access.redhat.com/security/cve/CVE-2026-3833 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445763 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-3833 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-3833 | external |
| https://gitlab.com/gnutls/gnutls/-/issues/1803 | external |
| https://access.redhat.com/security/cve/CVE-2026-33845 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2450624 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33845 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33845 | external |
| https://access.redhat.com/security/cve/CVE-2026-33846 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2450625 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33846 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33846 | external |
| https://access.redhat.com/security/cve/CVE-2026-42009 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467279 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42009 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42009 | external |
| https://access.redhat.com/security/cve/CVE-2026-42010 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467289 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42010 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42010 | external |
| https://access.redhat.com/security/cve/CVE-2026-42011 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467437 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42011 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42011 | external |
Acknowledgments
AISLE Research Team
Joshua Rogers
Stella
Haruto Kimura
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\ngnutls:\n * gnutls-3.8.13-1.hum1 (aarch64, x86_64)\n * gnutls-c++-3.8.13-1.hum1 (aarch64, x86_64)\n * gnutls-dane-3.8.13-1.hum1 (aarch64, x86_64)\n * gnutls-devel-3.8.13-1.hum1 (aarch64, x86_64)\n * gnutls-fips-3.8.13-1.hum1 (aarch64, x86_64)\n * gnutls-utils-3.8.13-1.hum1 (aarch64, x86_64)\n * mingw32-gnutls-3.8.13-1.hum1 (noarch)\n * mingw64-gnutls-3.8.13-1.hum1 (noarch)\n * gnutls-3.8.13-1.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13274",
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33845",
"url": "https://access.redhat.com/security/cve/CVE-2026-33845"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3833",
"url": "https://access.redhat.com/security/cve/CVE-2026-3833"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3832",
"url": "https://access.redhat.com/security/cve/CVE-2026-3832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33846",
"url": "https://access.redhat.com/security/cve/CVE-2026-33846"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42014",
"url": "https://access.redhat.com/security/cve/CVE-2026-42014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42013",
"url": "https://access.redhat.com/security/cve/CVE-2026-42013"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42012",
"url": "https://access.redhat.com/security/cve/CVE-2026-42012"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42011",
"url": "https://access.redhat.com/security/cve/CVE-2026-42011"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42010",
"url": "https://access.redhat.com/security/cve/CVE-2026-42010"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42009",
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-5260",
"url": "https://access.redhat.com/security/cve/CVE-2026-5260"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42015",
"url": "https://access.redhat.com/security/cve/CVE-2026-42015"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-5419",
"url": "https://access.redhat.com/security/cve/CVE-2026-5419"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13274.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-05-27T02:18:11+00:00",
"generator": {
"date": "2026-05-27T02:18:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:13274",
"initial_release_date": "2026-05-02T22:26:22+00:00",
"revision_history": [
{
"date": "2026-05-02T22:26:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-24T00:51:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T02:18:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-main@aarch64",
"product": {
"name": "gnutls-main@aarch64",
"product_id": "gnutls-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.8.13-1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-main@src",
"product": {
"name": "gnutls-main@src",
"product_id": "gnutls-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.8.13-1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-main@x86_64",
"product": {
"name": "gnutls-main@x86_64",
"product_id": "gnutls-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.8.13-1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-main@noarch",
"product": {
"name": "gnutls-main@noarch",
"product_id": "gnutls-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mingw32-gnutls@3.8.13-1.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:gnutls-main@aarch64"
},
"product_reference": "gnutls-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:gnutls-main@noarch"
},
"product_reference": "gnutls-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:gnutls-main@src"
},
"product_reference": "gnutls-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:gnutls-main@x86_64"
},
"product_reference": "gnutls-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3832",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2026-03-09T13:41:32.810000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445762"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue has a LOW impact. A flaw in gnutls\u0027 OCSP stapling implementation allows a client with OCSP verification enabled to accept a revoked server certificate. This occurs when a multi-record OCSP response is stapled, and the client incorrectly reads the certificate status from an unrelated record, leading to an order-dependent acceptance of a revoked certificate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3832"
},
{
"category": "external",
"summary": "RHBZ#2445762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3832"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1801",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1801"
}
],
"release_date": "2026-04-30T17:29:25.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response"
},
{
"cve": "CVE-2026-3833",
"cwe": {
"id": "CWE-178",
"name": "Improper Handling of Case Sensitivity"
},
"discovery_date": "2026-03-09T14:02:09.783000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445763"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is particularly important because it affects the correct enforcement of X.509 nameConstraints, which are specifically designed to limit the authority of subordinate CAs. In GnuTLS, the use of case-sensitive comparisons (memcmp) for dNSName and the domain portion of rfc822Name violates the case-insensitive matching requirements defined in RFC 5280 and RFC 4343. As a result, a constrained subordinate CA can bypass excludedSubtrees or permittedSubtrees restrictions simply by changing the letter casing of a domain in the SAN (e.g., ExAmPlE.CoM vs example.com). Since nameConstraints are often the only mechanism enforcing domain boundaries in delegated PKI hierarchies, this flaw effectively allows a malicious or compromised sub-CA to issue certificates for domains that should be cryptographically prohibited, enabling unauthorized certificate validation and potential TLS impersonation of restricted services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3833"
},
{
"category": "external",
"summary": "RHBZ#2445763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3833"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1803",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1803"
}
],
"release_date": "2026-04-30T17:26:28.969000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison"
},
{
"cve": "CVE-2026-33845",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2026-03-24T05:35:59.740000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue marked as Important severity due to its remote, pre-authentication reachability and its impact on a critical DTLS handshake parsing path. The vulnerability can be triggered by an unauthenticated attacker sending crafted DTLS handshake fragments, requiring no prior access or interaction. It leads to an out-of-bounds read caused by an integer underflow in fragment reassembly, operating entirely on attacker-controlled input. Such flaws in low-level protocol parsing are particularly serious, as they may result in disclosure of sensitive process memory, including cryptographic or session-related data, and can also cause reliable application crashes leading to denial of service. Given that DTLS is commonly used in network-facing services such as VPNs and real-time communication systems, the exposure surface is broad. The combination of unauthenticated remote exploitation, memory safety violation, and potential confidentiality and availability impact justifies classifying this issue as high severity rather than moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33845"
},
{
"category": "external",
"summary": "RHBZ#2450624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33845",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33845"
}
],
"release_date": "2026-04-30T17:28:41.473000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment"
},
{
"cve": "CVE-2026-33846",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2026-03-24T05:38:09.899000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450625"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability should be classified as an important flaw rather than moderate because it exposes a pre-authentication, remotely reachable heap buffer overflow in the DTLS handshake processing path, which is part of the core protocol handling logic and commonly exposed in network-facing services. The flaw enables an attacker to inject controlled data at attacker-chosen offsets and sizes beyond allocated heap boundaries by exploiting inconsistent message_length handling across fragments, effectively creating a constrained but meaningful heap write primitive. Unlike benign memory safety bugs, this condition is deterministically triggerable with a small number of crafted packets and no environmental dependencies for denial-of-service, and it targets a long-lived parsing state where memory corruption can affect adjacent heap structures. Even if reliable code execution requires additional heap manipulation or layout knowledge, the combination of remote reachability, lack of authentication, controlled memory corruption capability, and trivial crashability significantly elevates the risk profile beyond moderate severity. In real-world deployments, such primitives are often sufficient to enable heap grooming and exploitation chains, particularly in services that repeatedly process attacker-controlled input, making this a materially important security flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33846"
},
{
"category": "external",
"summary": "RHBZ#2450625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33846"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33846",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33846"
}
],
"release_date": "2026-05-04T08:53:59.249000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly"
},
{
"acknowledgments": [
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-42009",
"cwe": {
"id": "CWE-475",
"name": "Undefined Behavior for Input to API"
},
"discovery_date": "2026-05-06T16:32:32.382000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467279"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact for this flaw has been downgraded on Red Hat Enterprise Linux due to the following reason:\n\n- The number of elements passed to the vulnerable function at runtime is known and is at most 6 and the element size is sufficiently small. glibc\u2019s qsort implementation will not exercise the quick sort code path, which would otherwise cause an infloop or out-of-bound write.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"category": "external",
"summary": "RHBZ#2467279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42009"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42009",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42009"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-42010",
"discovery_date": "2026-05-06T16:57:37.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467289"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest\u2013Shamir\u2013Adleman \u2013 Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Authentication Bypass via NUL Character in Username",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42010"
},
{
"category": "external",
"summary": "RHBZ#2467289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42010"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: gnutls: Authentication Bypass via NUL Character in Username"
},
{
"acknowledgments": [
{
"names": [
"Haruto Kimura"
],
"organization": "Stella"
}
],
"cve": "CVE-2026-42011",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-06T19:06:25.319000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Security bypass due to incorrect name constraint handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42011"
},
{
"category": "external",
"summary": "RHBZ#2467437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42011"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-02T22:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:gnutls-main@aarch64",
"Red Hat Hardened Images:gnutls-main@noarch",
"Red Hat Hardened Images:gnutls-main@src",
"Red Hat Hardened Images:gnutls-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls: Security bypass due to incorrect name constraint handling"
}
]
}
RHSA-2026:20611
Vulnerability from csaf_redhat - Published: 2026-05-26 06:40 - Updated: 2026-05-27 02:18Summary
Red Hat Security Advisory: gnutls security update
Severity
Important
Notes
Topic: An update for gnutls is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Please update the gnutls packages to provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
* gnutls: Add more checks to DTLS reassembly (CVE-2026-33846)
* gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)
* gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)
* gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)
* gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)
* gnutls: Fix intersecting empty constraints (CVE-2026-42011)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.
6.5 (Medium)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.
8.2 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
7.5 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.
7.5 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.
7.1 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.
7.4 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.
7.1 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.
8.2 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
No description is available for this CVE.
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts.
5.3 (Medium)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
55 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:20611 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445763 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2450624 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2450625 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467279 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467289 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467437 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467678 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2026-3833 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445763 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-3833 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-3833 | external |
| https://gitlab.com/gnutls/gnutls/-/issues/1803 | external |
| https://access.redhat.com/security/cve/CVE-2026-5260 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467450 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-5260 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-5260 | external |
| https://access.redhat.com/security/cve/CVE-2026-33845 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2450624 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33845 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33845 | external |
| https://access.redhat.com/security/cve/CVE-2026-33846 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2450625 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33846 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33846 | external |
| https://access.redhat.com/security/cve/CVE-2026-42009 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467279 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42009 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42009 | external |
| https://access.redhat.com/security/cve/CVE-2026-42010 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467289 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42010 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42010 | external |
| https://access.redhat.com/security/cve/CVE-2026-42011 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467437 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42011 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42011 | external |
| https://access.redhat.com/security/cve/CVE-2026-42012 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467441 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42012 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42012 | external |
| https://access.redhat.com/security/cve/CVE-2026-42013 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467448 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42013 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42013 | external |
| https://access.redhat.com/security/cve/CVE-2026-42014 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467451 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42014 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42014 | external |
| https://access.redhat.com/security/cve/CVE-2026-42015 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467678 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42015 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42015 | external |
Acknowledgments
AISLE Research Team
Joshua Rogers
Stella
Haruto Kimura
1Seal
Oleh Konko
Luigino Camastra
Zou Dikai
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnutls is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Please update the gnutls packages to provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.\n\nSecurity Fix(es):\n* gnutls: Add more checks to DTLS reassembly (CVE-2026-33846)\n* gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)\n* gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)\n* gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)\n* gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)\n* gnutls: Fix intersecting empty constraints (CVE-2026-42011)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20611",
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2445763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445763"
},
{
"category": "external",
"summary": "2450624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450624"
},
{
"category": "external",
"summary": "2450625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450625"
},
{
"category": "external",
"summary": "2467279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
},
{
"category": "external",
"summary": "2467289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467289"
},
{
"category": "external",
"summary": "2467437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467437"
},
{
"category": "external",
"summary": "2467678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467678"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20611.json"
}
],
"title": "Red Hat Security Advisory: gnutls security update",
"tracking": {
"current_release_date": "2026-05-27T02:18:15+00:00",
"generator": {
"date": "2026-05-27T02:18:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20611",
"initial_release_date": "2026-05-26T06:40:00+00:00",
"revision_history": [
{
"date": "2026-05-26T06:40:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T06:40:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T02:18:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debugsource@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B-debuginfo@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane-debuginfo@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils-debuginfo@3.6.16-8.el8_10.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:3.6.16-8.el8_10.6.aarch64",
"product": {
"name": "gnutls-0:3.6.16-8.el8_10.6.aarch64",
"product_id": "gnutls-0:3.6.16-8.el8_10.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debugsource@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B-debuginfo@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane-debuginfo@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils-debuginfo@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"product": {
"name": "gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"product_id": "gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debugsource@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B-debuginfo@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane-debuginfo@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils-debuginfo@3.6.16-8.el8_10.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:3.6.16-8.el8_10.6.i686",
"product": {
"name": "gnutls-0:3.6.16-8.el8_10.6.i686",
"product_id": "gnutls-0:3.6.16-8.el8_10.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debugsource@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B-debuginfo@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane-debuginfo@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils-debuginfo@3.6.16-8.el8_10.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:3.6.16-8.el8_10.6.x86_64",
"product": {
"name": "gnutls-0:3.6.16-8.el8_10.6.x86_64",
"product_id": "gnutls-0:3.6.16-8.el8_10.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debugsource@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-c%2B%2B-debuginfo@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-dane-debuginfo@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils-debuginfo@3.6.16-8.el8_10.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:3.6.16-8.el8_10.6.s390x",
"product": {
"name": "gnutls-0:3.6.16-8.el8_10.6.s390x",
"product_id": "gnutls-0:3.6.16-8.el8_10.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:3.6.16-8.el8_10.6.src",
"product": {
"name": "gnutls-0:3.6.16-8.el8_10.6.src",
"product_id": "gnutls-0:3.6.16-8.el8_10.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
},
"product_reference": "gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3833",
"cwe": {
"id": "CWE-178",
"name": "Improper Handling of Case Sensitivity"
},
"discovery_date": "2026-03-09T14:02:09.783000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445763"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is particularly important because it affects the correct enforcement of X.509 nameConstraints, which are specifically designed to limit the authority of subordinate CAs. In GnuTLS, the use of case-sensitive comparisons (memcmp) for dNSName and the domain portion of rfc822Name violates the case-insensitive matching requirements defined in RFC 5280 and RFC 4343. As a result, a constrained subordinate CA can bypass excludedSubtrees or permittedSubtrees restrictions simply by changing the letter casing of a domain in the SAN (e.g., ExAmPlE.CoM vs example.com). Since nameConstraints are often the only mechanism enforcing domain boundaries in delegated PKI hierarchies, this flaw effectively allows a malicious or compromised sub-CA to issue certificates for domains that should be cryptographically prohibited, enabling unauthorized certificate validation and potential TLS impersonation of restricted services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3833"
},
{
"category": "external",
"summary": "RHBZ#2445763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3833"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1803",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1803"
}
],
"release_date": "2026-04-30T17:26:28.969000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison"
},
{
"acknowledgments": [
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-5260",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-06T19:50:31.302000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Information disclosure via heap overread in RSA key exchange",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-5260"
},
{
"category": "external",
"summary": "RHBZ#2467450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-5260",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5260"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-5260",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5260"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls: Information disclosure via heap overread in RSA key exchange"
},
{
"cve": "CVE-2026-33845",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2026-03-24T05:35:59.740000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue marked as Important severity due to its remote, pre-authentication reachability and its impact on a critical DTLS handshake parsing path. The vulnerability can be triggered by an unauthenticated attacker sending crafted DTLS handshake fragments, requiring no prior access or interaction. It leads to an out-of-bounds read caused by an integer underflow in fragment reassembly, operating entirely on attacker-controlled input. Such flaws in low-level protocol parsing are particularly serious, as they may result in disclosure of sensitive process memory, including cryptographic or session-related data, and can also cause reliable application crashes leading to denial of service. Given that DTLS is commonly used in network-facing services such as VPNs and real-time communication systems, the exposure surface is broad. The combination of unauthenticated remote exploitation, memory safety violation, and potential confidentiality and availability impact justifies classifying this issue as high severity rather than moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33845"
},
{
"category": "external",
"summary": "RHBZ#2450624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33845",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33845"
}
],
"release_date": "2026-04-30T17:28:41.473000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment"
},
{
"cve": "CVE-2026-33846",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2026-03-24T05:38:09.899000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450625"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability should be classified as an important flaw rather than moderate because it exposes a pre-authentication, remotely reachable heap buffer overflow in the DTLS handshake processing path, which is part of the core protocol handling logic and commonly exposed in network-facing services. The flaw enables an attacker to inject controlled data at attacker-chosen offsets and sizes beyond allocated heap boundaries by exploiting inconsistent message_length handling across fragments, effectively creating a constrained but meaningful heap write primitive. Unlike benign memory safety bugs, this condition is deterministically triggerable with a small number of crafted packets and no environmental dependencies for denial-of-service, and it targets a long-lived parsing state where memory corruption can affect adjacent heap structures. Even if reliable code execution requires additional heap manipulation or layout knowledge, the combination of remote reachability, lack of authentication, controlled memory corruption capability, and trivial crashability significantly elevates the risk profile beyond moderate severity. In real-world deployments, such primitives are often sufficient to enable heap grooming and exploitation chains, particularly in services that repeatedly process attacker-controlled input, making this a materially important security flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33846"
},
{
"category": "external",
"summary": "RHBZ#2450625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33846"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33846",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33846"
}
],
"release_date": "2026-05-04T08:53:59.249000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly"
},
{
"acknowledgments": [
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-42009",
"cwe": {
"id": "CWE-475",
"name": "Undefined Behavior for Input to API"
},
"discovery_date": "2026-05-06T16:32:32.382000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467279"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact for this flaw has been downgraded on Red Hat Enterprise Linux due to the following reason:\n\n- The number of elements passed to the vulnerable function at runtime is known and is at most 6 and the element size is sufficiently small. glibc\u2019s qsort implementation will not exercise the quick sort code path, which would otherwise cause an infloop or out-of-bound write.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42009"
},
{
"category": "external",
"summary": "RHBZ#2467279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42009"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42009",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42009"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-42010",
"discovery_date": "2026-05-06T16:57:37.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467289"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest\u2013Shamir\u2013Adleman \u2013 Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Authentication Bypass via NUL Character in Username",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42010"
},
{
"category": "external",
"summary": "RHBZ#2467289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42010"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: gnutls: Authentication Bypass via NUL Character in Username"
},
{
"acknowledgments": [
{
"names": [
"Haruto Kimura"
],
"organization": "Stella"
}
],
"cve": "CVE-2026-42011",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-06T19:06:25.319000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Security bypass due to incorrect name constraint handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42011"
},
{
"category": "external",
"summary": "RHBZ#2467437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42011"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls: Security bypass due to incorrect name constraint handling"
},
{
"acknowledgments": [
{
"names": [
"Oleh Konko"
],
"organization": "1Seal"
}
],
"cve": "CVE-2026-42012",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-06T19:16:02.753000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467441"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42012"
},
{
"category": "external",
"summary": "RHBZ#2467441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467441"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42012"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42012",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42012"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs"
},
{
"acknowledgments": [
{
"names": [
"Haruto Kimura"
],
"organization": "Stella"
},
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-42013",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-06T19:47:00.134000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467448"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42013"
},
{
"category": "external",
"summary": "RHBZ#2467448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467448"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42013"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42013",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42013"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name"
},
{
"acknowledgments": [
{
"names": [
"Luigino Camastra"
]
},
{
"names": [
"Joshua Rogers"
],
"organization": "AISLE Research Team"
}
],
"cve": "CVE-2026-42014",
"discovery_date": "2026-05-06T19:51:54.069000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467451"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42014"
},
{
"category": "external",
"summary": "RHBZ#2467451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42014",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42014"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42014",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42014"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin"
},
{
"acknowledgments": [
{
"names": [
"Zou Dikai"
]
}
],
"cve": "CVE-2026-42015",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"discovery_date": "2026-05-07T10:50:28.379000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467678"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42015"
},
{
"category": "external",
"summary": "RHBZ#2467678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42015"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42015",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42015"
}
],
"release_date": "2026-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T06:40:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20611"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-c++-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-dane-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debuginfo-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-debugsource-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-devel-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-0:3.6.16-8.el8_10.6.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnutls-utils-debuginfo-0:3.6.16-8.el8_10.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling"
}
]
}
SUSE-SU-2026:21752-1
Vulnerability from csaf_suse - Published: 2026-05-18 10:06 - Updated: 2026-05-18 10:06Summary
Security update for gnutls
Severity
Important
Notes
Title of the patch: Security update for gnutls
Description of the patch: This update for gnutls fixes the following issues
- CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass (bsc#1263706).
- CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707).
- CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715).
- CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716).
- CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704).
- CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705).
- CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708).
- CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709).
- CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710).
- CVE-2026-42012: x509/hostname-verify: make URI/SRV SAN preclude CN fallback (bsc#1263711).
- CVE-2026-42013: x509: prevent fallback on oversized SAN (bsc#1263712).
- CVE-2026-42014: pkcs11_write: fix UAF and leak in gnutls_pkcs11_token_set_pin (bsc#1263713).
- CVE-2026-42015: x509/pkcs12_bag: fix off-by-one in bag element bounds chec (bsc#1263714).
Patchnames: SUSE-SL-Micro-6.2-776
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.8 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
56 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2026… | self |
| https://bugzilla.suse.com/1263704 | self |
| https://bugzilla.suse.com/1263705 | self |
| https://bugzilla.suse.com/1263706 | self |
| https://bugzilla.suse.com/1263707 | self |
| https://bugzilla.suse.com/1263708 | self |
| https://bugzilla.suse.com/1263709 | self |
| https://bugzilla.suse.com/1263710 | self |
| https://bugzilla.suse.com/1263711 | self |
| https://bugzilla.suse.com/1263712 | self |
| https://bugzilla.suse.com/1263713 | self |
| https://bugzilla.suse.com/1263714 | self |
| https://bugzilla.suse.com/1263715 | self |
| https://bugzilla.suse.com/1263716 | self |
| https://www.suse.com/security/cve/CVE-2026-33845/ | self |
| https://www.suse.com/security/cve/CVE-2026-33846/ | self |
| https://www.suse.com/security/cve/CVE-2026-3832/ | self |
| https://www.suse.com/security/cve/CVE-2026-3833/ | self |
| https://www.suse.com/security/cve/CVE-2026-42009/ | self |
| https://www.suse.com/security/cve/CVE-2026-42010/ | self |
| https://www.suse.com/security/cve/CVE-2026-42011/ | self |
| https://www.suse.com/security/cve/CVE-2026-42012/ | self |
| https://www.suse.com/security/cve/CVE-2026-42013/ | self |
| https://www.suse.com/security/cve/CVE-2026-42014/ | self |
| https://www.suse.com/security/cve/CVE-2026-42015/ | self |
| https://www.suse.com/security/cve/CVE-2026-5260/ | self |
| https://www.suse.com/security/cve/CVE-2026-5419/ | self |
| https://www.suse.com/security/cve/CVE-2026-33845 | external |
| https://bugzilla.suse.com/1263704 | external |
| https://www.suse.com/security/cve/CVE-2026-33846 | external |
| https://bugzilla.suse.com/1263705 | external |
| https://www.suse.com/security/cve/CVE-2026-3832 | external |
| https://bugzilla.suse.com/1263706 | external |
| https://www.suse.com/security/cve/CVE-2026-3833 | external |
| https://bugzilla.suse.com/1263707 | external |
| https://www.suse.com/security/cve/CVE-2026-42009 | external |
| https://bugzilla.suse.com/1263708 | external |
| https://www.suse.com/security/cve/CVE-2026-42010 | external |
| https://bugzilla.suse.com/1263709 | external |
| https://www.suse.com/security/cve/CVE-2026-42011 | external |
| https://bugzilla.suse.com/1263710 | external |
| https://www.suse.com/security/cve/CVE-2026-42012 | external |
| https://bugzilla.suse.com/1263711 | external |
| https://www.suse.com/security/cve/CVE-2026-42013 | external |
| https://bugzilla.suse.com/1263712 | external |
| https://www.suse.com/security/cve/CVE-2026-42014 | external |
| https://bugzilla.suse.com/1263713 | external |
| https://www.suse.com/security/cve/CVE-2026-42015 | external |
| https://bugzilla.suse.com/1263714 | external |
| https://www.suse.com/security/cve/CVE-2026-5260 | external |
| https://bugzilla.suse.com/1263715 | external |
| https://www.suse.com/security/cve/CVE-2026-5419 | external |
| https://bugzilla.suse.com/1263716 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gnutls",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gnutls fixes the following issues\n\n- CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass (bsc#1263706).\n- CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707).\n- CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715).\n- CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716).\n- CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704).\n- CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705).\n- CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708).\n- CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709).\n- CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710).\n- CVE-2026-42012: x509/hostname-verify: make URI/SRV SAN preclude CN fallback (bsc#1263711).\n- CVE-2026-42013: x509: prevent fallback on oversized SAN (bsc#1263712).\n- CVE-2026-42014: pkcs11_write: fix UAF and leak in gnutls_pkcs11_token_set_pin (bsc#1263713).\n- CVE-2026-42015: x509/pkcs12_bag: fix off-by-one in bag element bounds chec (bsc#1263714).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-776",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21752-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21752-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621752-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21752-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046764.html"
},
{
"category": "self",
"summary": "SUSE Bug 1263704",
"url": "https://bugzilla.suse.com/1263704"
},
{
"category": "self",
"summary": "SUSE Bug 1263705",
"url": "https://bugzilla.suse.com/1263705"
},
{
"category": "self",
"summary": "SUSE Bug 1263706",
"url": "https://bugzilla.suse.com/1263706"
},
{
"category": "self",
"summary": "SUSE Bug 1263707",
"url": "https://bugzilla.suse.com/1263707"
},
{
"category": "self",
"summary": "SUSE Bug 1263708",
"url": "https://bugzilla.suse.com/1263708"
},
{
"category": "self",
"summary": "SUSE Bug 1263709",
"url": "https://bugzilla.suse.com/1263709"
},
{
"category": "self",
"summary": "SUSE Bug 1263710",
"url": "https://bugzilla.suse.com/1263710"
},
{
"category": "self",
"summary": "SUSE Bug 1263711",
"url": "https://bugzilla.suse.com/1263711"
},
{
"category": "self",
"summary": "SUSE Bug 1263712",
"url": "https://bugzilla.suse.com/1263712"
},
{
"category": "self",
"summary": "SUSE Bug 1263713",
"url": "https://bugzilla.suse.com/1263713"
},
{
"category": "self",
"summary": "SUSE Bug 1263714",
"url": "https://bugzilla.suse.com/1263714"
},
{
"category": "self",
"summary": "SUSE Bug 1263715",
"url": "https://bugzilla.suse.com/1263715"
},
{
"category": "self",
"summary": "SUSE Bug 1263716",
"url": "https://bugzilla.suse.com/1263716"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33845 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33846 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42009 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42010 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42011 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42012 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42013 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42014 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42015 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5260 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5419 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5419/"
}
],
"title": "Security update for gnutls",
"tracking": {
"current_release_date": "2026-05-18T10:06:30Z",
"generator": {
"date": "2026-05-18T10:06:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21752-1",
"initial_release_date": "2026-05-18T10:06:30Z",
"revision_history": [
{
"date": "2026-05-18T10:06:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gnutls-3.8.10-160000.3.1.aarch64",
"product": {
"name": "gnutls-3.8.10-160000.3.1.aarch64",
"product_id": "gnutls-3.8.10-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libgnutls30-3.8.10-160000.3.1.aarch64",
"product": {
"name": "libgnutls30-3.8.10-160000.3.1.aarch64",
"product_id": "libgnutls30-3.8.10-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-3.8.10-160000.3.1.ppc64le",
"product": {
"name": "gnutls-3.8.10-160000.3.1.ppc64le",
"product_id": "gnutls-3.8.10-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libgnutls30-3.8.10-160000.3.1.ppc64le",
"product": {
"name": "libgnutls30-3.8.10-160000.3.1.ppc64le",
"product_id": "libgnutls30-3.8.10-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-3.8.10-160000.3.1.s390x",
"product": {
"name": "gnutls-3.8.10-160000.3.1.s390x",
"product_id": "gnutls-3.8.10-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libgnutls30-3.8.10-160000.3.1.s390x",
"product": {
"name": "libgnutls30-3.8.10-160000.3.1.s390x",
"product_id": "libgnutls30-3.8.10-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-3.8.10-160000.3.1.x86_64",
"product": {
"name": "gnutls-3.8.10-160000.3.1.x86_64",
"product_id": "gnutls-3.8.10-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgnutls30-3.8.10-160000.3.1.x86_64",
"product": {
"name": "libgnutls30-3.8.10-160000.3.1.x86_64",
"product_id": "libgnutls30-3.8.10-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-3.8.10-160000.3.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64"
},
"product_reference": "gnutls-3.8.10-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-3.8.10-160000.3.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le"
},
"product_reference": "gnutls-3.8.10-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-3.8.10-160000.3.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x"
},
"product_reference": "gnutls-3.8.10-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-3.8.10-160000.3.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64"
},
"product_reference": "gnutls-3.8.10-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgnutls30-3.8.10-160000.3.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64"
},
"product_reference": "libgnutls30-3.8.10-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgnutls30-3.8.10-160000.3.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le"
},
"product_reference": "libgnutls30-3.8.10-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgnutls30-3.8.10-160000.3.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x"
},
"product_reference": "libgnutls30-3.8.10-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgnutls30-3.8.10-160000.3.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
},
"product_reference": "libgnutls30-3.8.10-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33845"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33845",
"url": "https://www.suse.com/security/cve/CVE-2026-33845"
},
{
"category": "external",
"summary": "SUSE Bug 1263704 for CVE-2026-33845",
"url": "https://bugzilla.suse.com/1263704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "important"
}
],
"title": "CVE-2026-33845"
},
{
"cve": "CVE-2026-33846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33846"
}
],
"notes": [
{
"category": "general",
"text": "A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33846",
"url": "https://www.suse.com/security/cve/CVE-2026-33846"
},
{
"category": "external",
"summary": "SUSE Bug 1263705 for CVE-2026-33846",
"url": "https://bugzilla.suse.com/1263705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "important"
}
],
"title": "CVE-2026-33846"
},
{
"cve": "CVE-2026-3832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3832"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3832",
"url": "https://www.suse.com/security/cve/CVE-2026-3832"
},
{
"category": "external",
"summary": "SUSE Bug 1263706 for CVE-2026-3832",
"url": "https://bugzilla.suse.com/1263706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-3832"
},
{
"cve": "CVE-2026-3833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3833"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3833",
"url": "https://www.suse.com/security/cve/CVE-2026-3833"
},
{
"category": "external",
"summary": "SUSE Bug 1263707 for CVE-2026-3833",
"url": "https://bugzilla.suse.com/1263707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-3833"
},
{
"cve": "CVE-2026-42009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42009"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42009",
"url": "https://www.suse.com/security/cve/CVE-2026-42009"
},
{
"category": "external",
"summary": "SUSE Bug 1263708 for CVE-2026-42009",
"url": "https://bugzilla.suse.com/1263708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "important"
}
],
"title": "CVE-2026-42009"
},
{
"cve": "CVE-2026-42010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42010"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest-Shamir-Adleman - Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42010",
"url": "https://www.suse.com/security/cve/CVE-2026-42010"
},
{
"category": "external",
"summary": "SUSE Bug 1263709 for CVE-2026-42010",
"url": "https://bugzilla.suse.com/1263709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "important"
}
],
"title": "CVE-2026-42010"
},
{
"cve": "CVE-2026-42011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42011"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42011",
"url": "https://www.suse.com/security/cve/CVE-2026-42011"
},
{
"category": "external",
"summary": "SUSE Bug 1263710 for CVE-2026-42011",
"url": "https://bugzilla.suse.com/1263710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-42011"
},
{
"cve": "CVE-2026-42012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42012"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42012",
"url": "https://www.suse.com/security/cve/CVE-2026-42012"
},
{
"category": "external",
"summary": "SUSE Bug 1263711 for CVE-2026-42012",
"url": "https://bugzilla.suse.com/1263711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "important"
}
],
"title": "CVE-2026-42012"
},
{
"cve": "CVE-2026-42013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42013"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42013",
"url": "https://www.suse.com/security/cve/CVE-2026-42013"
},
{
"category": "external",
"summary": "SUSE Bug 1263712 for CVE-2026-42013",
"url": "https://bugzilla.suse.com/1263712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-42013"
},
{
"cve": "CVE-2026-42014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42014"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42014",
"url": "https://www.suse.com/security/cve/CVE-2026-42014"
},
{
"category": "external",
"summary": "SUSE Bug 1263713 for CVE-2026-42014",
"url": "https://bugzilla.suse.com/1263713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-42014"
},
{
"cve": "CVE-2026-42015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42015"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42015",
"url": "https://www.suse.com/security/cve/CVE-2026-42015"
},
{
"category": "external",
"summary": "SUSE Bug 1263714 for CVE-2026-42015",
"url": "https://bugzilla.suse.com/1263714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-42015"
},
{
"cve": "CVE-2026-5260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5260"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5260",
"url": "https://www.suse.com/security/cve/CVE-2026-5260"
},
{
"category": "external",
"summary": "SUSE Bug 1263715 for CVE-2026-5260",
"url": "https://bugzilla.suse.com/1263715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-5260"
},
{
"cve": "CVE-2026-5419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5419"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5419",
"url": "https://www.suse.com/security/cve/CVE-2026-5419"
},
{
"category": "external",
"summary": "SUSE Bug 1263716 for CVE-2026-5419",
"url": "https://bugzilla.suse.com/1263716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gnutls-3.8.10-160000.3.1.x86_64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libgnutls30-3.8.10-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T10:06:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-5419"
}
]
}
WID-SEC-W-2026-1312
Vulnerability from csaf_certbund - Published: 2026-04-29 22:00 - Updated: 2026-05-20 22:00Summary
GnuTLS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: GnuTLS (GNU Transport Layer Security Library) ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff: Ein Angreifer kann mehrere Schwachstellen in GnuTLS ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source GnuTLS <3.8.13
Open Source / GnuTLS
|
<3.8.13 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
References
9 references
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://gnutls.org/security-new.html | external |
| https://seclists.org/oss-sec/2026/q2/288 | external |
| https://access.redhat.com/errata/RHSA-2026:13274 | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://msrc.microsoft.com/update-guide/ | external |
| https://security-tracker.debian.org/tracker/DSA-6281-1 | external |
| https://ubuntu.com/security/notices/USN-8284-1 | external |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "GnuTLS (GNU Transport Layer Security Library) ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in GnuTLS ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1312 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1312.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1312 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1312"
},
{
"category": "external",
"summary": "GnuTLS Security Advisories vom 2026-04-29",
"url": "https://gnutls.org/security-new.html"
},
{
"category": "external",
"summary": "Mailing list OSS-Security vom 2026-04-29",
"url": "https://seclists.org/oss-sec/2026/q2/288"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13274 vom 2026-05-03",
"url": "https://access.redhat.com/errata/RHSA-2026:13274"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10691-1 vom 2026-05-07",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OVIQ4J6D4X3DFRGJX5NN75GR6ETDFNGJ/"
},
{
"category": "external",
"summary": "Microsoft Security Update Guide vom 2026-05-12",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6281 vom 2026-05-20",
"url": "https://security-tracker.debian.org/tracker/DSA-6281-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8284-1 vom 2026-05-20",
"url": "https://ubuntu.com/security/notices/USN-8284-1"
}
],
"source_lang": "en-US",
"title": "GnuTLS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-20T22:00:00.000+00:00",
"generator": {
"date": "2026-05-21T07:57:41.033+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1312",
"initial_release_date": "2026-04-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat und European Union Vulnerability Database aufgenommen"
},
{
"date": "2026-05-04T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-26926"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von European Union Vulnerability Database und openSUSE aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "6",
"summary": "Referenz(en) aufgenommen: EUVD-2026-30769"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-05-20T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3",
"product": {
"name": "Microsoft Azure Linux azl3",
"product_id": "T049210",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.8.13",
"product": {
"name": "Open Source GnuTLS \u003c3.8.13",
"product_id": "T053415"
}
},
{
"category": "product_version",
"name": "3.8.13",
"product": {
"name": "Open Source GnuTLS 3.8.13",
"product_id": "T053415-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:gnutls:3.8.13"
}
}
}
],
"category": "product_name",
"name": "GnuTLS"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33845",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-33845"
},
{
"cve": "CVE-2026-33846",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-33846"
},
{
"cve": "CVE-2026-3832",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-3832"
},
{
"cve": "CVE-2026-3833",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-3833"
},
{
"cve": "CVE-2026-42009",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42009"
},
{
"cve": "CVE-2026-42010",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42010"
},
{
"cve": "CVE-2026-42011",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42011"
},
{
"cve": "CVE-2026-42012",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42012"
},
{
"cve": "CVE-2026-42013",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42013"
},
{
"cve": "CVE-2026-42014",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42014"
},
{
"cve": "CVE-2026-42015",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-42015"
},
{
"cve": "CVE-2026-5260",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-5260"
},
{
"cve": "CVE-2026-5419",
"product_status": {
"known_affected": [
"2951",
"67646",
"T000126",
"T027843",
"T053415",
"T049210"
]
},
"release_date": "2026-04-29T22:00:00.000+00:00",
"title": "CVE-2026-5419"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…