Approved changes feed: RSS · Atom

cpe:2.3:a:airtower-luna:mod_gnutls:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAirtower Luna (50727baa-c78a-5a3f-a003-26253496a844)
ProductMod Gnutls (9cb86110-312b-5a10-a2c7-e8aab29b1846)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-33308 vulnerable 2026-06-08 07:59:09.644687 mod_gnutls missing key purpose check in client certificate verification
MEDIUM (6.8)
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS client authentication but designated for a different purpose could have used that certificate to improperly access resources requiring TLS client authentication. Server configurations that do not use client certificates (`GnuTLSClientVerify ignore`, the default) are not affected. The problem has been fixed in version 0.13.0 by rewriting certificate verification to use `gnutls_certificate_verify_peers()`, and requiring key purpose id-kp-clientAuth (also known as `tls_www_client` in GnuTLS) by default if the Extended Key Usage extension is present. The new `GnuTLSClientKeyPurpose` option allows overriding the expected key purpose if needed (please see the manual for details). Behavior for certificates without an Extended Key Usage extension is unchanged. If dedicated (sub-)CAs are used for issuing TLS client certificates only (not for any other purposes) the issue has no practical impact.
Published: 2026-03-24T01:36:50.545Z
Updated: 2026-03-24T13:34:05.647Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33307 vulnerable 2026-06-08 07:59:09.643398 mod_gnutils has stack-based buffer overflow caused by a long client certificate chain
HIGH (7.5)
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size `gnutls_x509_crt_t x509[]` array without checking the number of certificates is less than or equal to the array size. `gnutls_x509_crt_t` is a `typedef` for a pointer to an opaque GnuTLS structure created using with `gnutls_x509_crt_init()` before importing certificate data into it, so no attacker-controlled data was written into the stack buffer, but writing a pointer after the last array element generally triggered a segfault, and could theoretically cause stack corruption otherwise (not observed in practice). Server configurations that do not use client certificates (`GnuTLSClientVerify ignore`, the default) are not affected. The problem has been fixed in version 0.12.3 by checking the length of the provided certificate chain and rejecting it if it exceeds the buffer length, and in version 0.13.0 by rewriting certificate verification to use `gnutls_certificate_verify_peers()`, removing the need for the buffer entirely. There is no workaround. Version 0.12.3 provides the minimal fix for users of 0.12.x who do not wish to upgrade to 0.13.0 yet.
Published: 2026-03-24T01:34:36.146Z
Updated: 2026-03-24T15:12:34.370Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-25824 vulnerable 2026-06-08 05:56:10.676590 mod_gnutls contains Infinite Loop on request read timeout
HIGH (7.5)
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU resources. This could be exploited for denial of service attacks. If trace level logging was enabled, it would also produce an excessive amount of log output during the loop, consuming disk space. The problem has been fixed in commit d7eec4e598158ab6a98bf505354e84352f9715ec, please update to version 0.12.1. There are no workarounds, users who cannot update should apply the errno fix detailed in the security advisory.
Published: 2023-02-23T21:45:05.174Z
Updated: 2025-03-10T21:06:23.365Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.