CVE-2024-12243 in GnuTLSinformation

Résumé

par MITRE • 10/02/2025

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

05/12/2024

Divulgation

10/02/2025

Modérer

accepté

Entrée

VDB-295071

CPE

prêt

EPSS

0.01245

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!