MGASA-2014-0117

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2014-0092
Published: 03 Mar 2014, 20:07
Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

03 Mar 2014, 20:07
Published
Vulnerability first disclosed
16 Apr 2026, 06:25
Last Modified
Vulnerability information updated

Description

Updated gnutls packages fix security vulnerability It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker (CVE-2014-0092).

Affected Systems

  • mageiagnutls

    < 3.1.16-1.2.mga3

  • mageiagnutls

    < 3.2.7-1.2.mga4

References (4)