products / gnutls

GnuTLS

GnuTLS is the GNU project TLS/SSL library, implementing SSL 3.0, TLS 1.0-1.3, and DTLS. It is the default TLS library on many Linux distributions and is a direct dependency of hundreds of packages. NVD tracks it as gnu:gnutls with a CVE history concentrated in memory corruption during handshake processing and timing side-channel issues in key exchange operations.

api usage

Querying GnuTLS

product sluggnutls

version format3.7.0, 3.8.7, 3.6.15

bash

curl "https://api.attestd.io/v1/check?product=gnutls&version=3.7.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"

GnuTLS 3.7.0 is affected by seven CVEs including two use-after-free issues in TLS 1.3 handshake flows (CVE-2021-20231 and CVE-2021-20232). The response shows risk_state: "high" because these CVEs are remotely exploitable without authentication.

json

{
  "product": "gnutls",
  "version": "3.7.0",
  "supported": true,
  "risk_state": "high",
  "risk_factors": [
    "remote_code_execution",
    "no_authentication_required",
    "internet_exposed_service",
    "patch_available"
  ],
  "actively_exploited": false,
  "remote_exploitable": true,
  "authentication_required": false,
  "patch_available": true,
  "fixed_version": "3.7.7",
  "confidence": 0.75,
  "cve_ids": [
    "CVE-2021-20231",
    "CVE-2021-20232",
    "CVE-2021-4209",
    "CVE-2022-2509",
    "CVE-2024-0553",
    "CVE-2024-0567",
    "CVE-2025-32988"
  ],
  "last_updated": "2026-06-14T16:55:24Z",
  "supply_chain": null
}

safe version

GnuTLS 3.8.10 is the current stable release and has no known unpatched CVEs as of the last synthesis run.

bash

curl "https://api.attestd.io/v1/check?product=gnutls&version=3.8.10" \
  -H "Authorization: Bearer $ATTESTD_KEY"

notable cves

CVE history

GnuTLS CVEs split between memory safety issues in TLS handshake code, double-free vulnerabilities in certificate processing, and timing side-channel leaks in RSA and other asymmetric key operations. The 3.8.x series includes mitigations for the side-channel class.

CVE	Description	Affects	CVSS
`CVE-2021-20231`	Use-after-free in the TLS 1.3 client-side key_share extension handling. A malicious server response can trigger the free, leading to potential remote code execution during handshake.	3.6.13 to 3.7.1	9.8
`CVE-2021-20232`	Use-after-free in the TLS 1.3 server-side key_share handling. An attacker can trigger the free via a crafted client hello, potentially allowing remote code execution.	3.6.13 to 3.7.1	9.8
`CVE-2022-2509`	Double free in the PKCS#12 certificate chain verification. A crafted certificate can cause gnutls_pkcs12_simple_parse to call free twice on the same allocation, leading to heap corruption.	up to 3.7.7	7.5
`CVE-2024-0553`	Timing side-channel in RSA-PSK key exchange. An unauthenticated attacker performing a timing oracle attack against the RSA-PSK ciphersuite can recover the server private key.	up to 3.8.2	7.5
`CVE-2024-0567`	Denial of service via a crafted PEM bundle during certificate verification. An invalid certificate in a bundle causes gnutls_x509_trust_list_verify_crt2 to crash with a null pointer dereference.	up to 3.8.2	7.5
`CVE-2021-4209`	Null pointer dereference in GnuTLS verify_crt when verifying certificate chains. A specially crafted certificate chain can crash the calling application via an assertion failure.	3.6.x to 3.7.3	6.5

KEV = CISA Known Exploited Vulnerabilities catalog. Active exploitation confirmed.

data sources

GNU project namespace

NVD tracks GnuTLS under the gnu:gnutls CPE namespace. The vendor string is gnu, not gnutls or gnutls_project. Version strings use standard semver with a three-part scheme (3.8.10).

cpe:2.3:a:gnu:gnutlsall versions

Attestd queries this namespace directly to match version strings against NVD CPE ranges.

All products Quickstart OpenSSH HashiCorp Vault