CVE-2026-33845

ADVISORY - nist

Summary

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

EPSS Score⁠: 0.00038 (0.111)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-191⁠

Integer Underflow (Wrap or Wraparound)

ADVISORY - redhat

CWE-191⁠

Integer Underflow (Wrap or Wraparound)

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.