CVE-2024-0567

ADVISORY - nist

Summary

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

EPSS Score⁠: 0.01295 (0.791)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-347⁠

Improper Verification of Cryptographic Signature

ADVISORY - redhat

CWE-347⁠

Improper Verification of Cryptographic Signature

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.