The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.
cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:* versions up to 2.6.5 (inclusive)
|42994||Mandriva Linux Security Advisory : gnutls (MDVSA-2009:308)||Nessus||Mandriva Local Security Checks|
|40661||FreeBSD : GnuTLS -- multiple vulnerabilities (b31a1088-460f-11de-a11a-0022156e8794)||Nessus||FreeBSD Local Security Checks|
|38885||GLSA-200905-04 : GnuTLS: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|
|38815||Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116)||Nessus||Mandriva Local Security Checks|