CVE-2017-5334
N/A
N/A
Summary
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2017/01/10/7
- https://access.redhat.com/errata/RHSA-2017:2292
- http://www.securitytracker.com/id/1037576
- http://www.openwall.com/lists/oss-security/2017/01/11/4
- https://gnutls.org/security.html#GNUTLS-SA-2017-1
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html
- http://www.securityfocus.com/bid/95370
- https://security.gentoo.org/glsa/201702-04
- https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b
References
- http://www.openwall.com/lists/oss-security/2017/01/10/7
- https://access.redhat.com/errata/RHSA-2017:2292
- http://www.securitytracker.com/id/1037576
- http://www.openwall.com/lists/oss-security/2017/01/11/4
- https://gnutls.org/security.html#GNUTLS-SA-2017-1
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html
- http://www.securityfocus.com/bid/95370
- https://security.gentoo.org/glsa/201702-04
- https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.