Skip to main content

Mod Gnutls

2 CVEs product

Monthly

CVE-2023-25824 HIGH POC PATCH This Week

Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Denial Of Service Mod Gnutls
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2015-2091 MEDIUM This Month

The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mod Gnutls
NVD
CVSS 2.0
5.0
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Denial Of Service Mod Gnutls
NVD GitHub
EPSS 1% CVSS 5.0
MEDIUM This Month

The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mod Gnutls
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy