CVE-2014-1959

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2014-1959
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-1959.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2014-1959
Downstream
Related
Withdrawn
2026-01-27T04:12:34.336595Z
Published
2014-03-07T00:10:57Z
Modified
2026-01-27T04:12:34.336595Z
Summary
[none]
Details

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.

References

Affected packages