« List of all CVEs

CVE-2017-5335

Published: 3/24/2017 Last updated: 8/5/2024 Reserved: 1/10/2017

The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.

CNA assigner: debian (79363d38-fa19-49d1-9214-5f28da3f3ac5) Requested by: n/a

Opam packages affected (5)

conf-gnutls conf-mingw-w64-gnutls-i686 conf-mingw-w64-gnutls-x86_64 conf-srt conf-srt-gnutls

Products affected (1)

Product Vendor Version
n/a n/a n/a

References (22)