CVE-2024-0567

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-0567
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0567.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-0567
Downstream
Related
Published
2024-01-16T14:15:48Z
Modified
2025-10-21T17:21:48.777417Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

References

Affected packages

Git / github.com/gnutls/gnutls

Affected ranges

Type
GIT
Repo
https://github.com/gnutls/gnutls
Events

Affected versions

3.*

3.7.0
3.7.1
3.7.2
3.7.3
3.7.4
3.7.5
3.7.6
3.7.7
3.7.8
3.8.0
3.8.1
3.8.2