CVE-2024-28835

描述

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

受影響套件(2)

• Alpine/gnutlsfrom 0, < 3.8.4-r0
• Debian/gnutls28from 0, < 3.7.1-5+deb11u6

CVSS 分數

參考連結(2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2024-28835
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2024-28835