CVE-2022-2509

7.5HIGH

Key Information

Vendor: Gnu
Status: Gnutls
Vendor: CVE Published:; 1 August 2022

Summary

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.

Affected Version(s)

GnuTLS = gnutls 3.7.7(Fixed)

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 1, 2022
Vulnerability Reserved.
Jul 22, 2022

Collectors

NVD DatabaseMitre Database