Nixpkgs security tracker

Login with GitHub

Details of issue NIXPKGS-2026-1339

NIXPKGS-2026-1339
published on
Permalink CVE-2026-3832
3.7 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 6 days, 15 hours ago by @LeSuisse Activity log
  • Created suggestion 1 week ago
  • @LeSuisse ignored
    4 packages
    • guile-gnutls
    • python312Packages.python3-gnutls
    • python313Packages.python3-gnutls
    • python314Packages.python3-gnutls
    6 days, 15 hours ago
  • @LeSuisse ignored maintainer @vcunat 6 days, 15 hours ago maintainer.ignore
  • @LeSuisse accepted 6 days, 15 hours ago
  • @LeSuisse ignored
    2 references
    6 days, 15 hours ago
  • @LeSuisse published on GitHub 6 days, 15 hours ago
Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.

References

Ignored references (2)

Affected products

rhcos
gnutls

Matching in nixpkgs

Ignored packages (4)

Package maintainers

Ignored maintainers (1)