16. {
"name": "CVE-2016-7444",
"description": "\nThe gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.\nA flaw was found in the way GnuTLS validated certificates using OCSP responses. This could falsely report a certificate as valid under certain circumstances.",
"nvd_score": 5,
"nvd_score_version": "CVSS v2",
"nvd_vectors": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"nvd_severity": "medium",
"nvd_url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7444",
"vendor_score": 4.3,
"vendor_score_version": "CVSS v2",
"vendor_vectors": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"vendor_severity": "low",
"vendor_url": "https://access.redhat.com/security/cve/CVE-2016-7444",
"publish_date": "2016-09-27",
"modification_date": "2018-01-04",
"fix_version": "3.3.26-9.el7",
"solution": "Upgrade package gnutls to version 3.3.26-9.el7 or above."
}