Download
| Alert*
|
CVE-2015-0282
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. CVE-2015-0294 GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. |
