vulnerability

Amazon Linux 2023: CVE-2024-28835: Medium priority package update for gnutls

Try Surface Command
Back to search
Severity
4
CVSS
(AV:L/AC:M/Au:S/C:N/I:N/A:C)
Published
Mar 21, 2024
Added
Feb 17, 2025
Modified
Jul 4, 2025

Description

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

Solutions

amazon-linux-2023-upgrade-gnutlsamazon-linux-2023-upgrade-gnutls-camazon-linux-2023-upgrade-gnutls-c-debuginfoamazon-linux-2023-upgrade-gnutls-daneamazon-linux-2023-upgrade-gnutls-dane-debuginfoamazon-linux-2023-upgrade-gnutls-debuginfoamazon-linux-2023-upgrade-gnutls-debugsourceamazon-linux-2023-upgrade-gnutls-develamazon-linux-2023-upgrade-gnutls-utilsamazon-linux-2023-upgrade-gnutls-utils-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today