← back
CVE-2017-7507

CVE-2017-7507

EPSS 3.4%
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
Affected products
GnuTLS · gnutls

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2017:2292https://www.gnutls.org/security.html#GNUTLS-SA-2017-4http://www.debian.org/security/2017/dsa-3884http://www.securityfocus.com/bid/99102