COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-33845

CVE-2026-33845

Severity
high
Source
NVD · cve
Published
2026-04-30
CVSS
7.5
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-33845
shame 25/100

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of

Players implicated

gnu · vendorredhat · vendorenterprise linux · productgnutls · productopenshift container platform · product

Description

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.