CVE-2013-2116

CVSS v2.0 5 (Medium)

EPSS 84.03 % (99^th)

Affected Products 1

Advisories 12

The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.

Weaknesses

CWE-20: Improper Input Validation

Related CVEs

CVE-2013-0169

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2013-07-03 18:55:01
(11 years ago)
Updated Date: 2023-11-07 02:14:56
(10 months ago)

Affected Products

Gnu

Gnutls

Configuration #1

		CPE23	From	Up To
	Gnutls 2.12.23	cpe:2.3:a:gnu:gnutls:2.12.23