CVE-2021-4209
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language API to access the secure communications protocols. https://www.gnutls.org
GitLab