CVE-2019-3829 log
| Source |
|
| Severity | Critical |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | A critical memory corruption vulnerability has been found in GnuTLS versions prior to 3.6.7, in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines. Any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a malicious server or active network attacker. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-945 | gnutls | 3.6.6-3 | 3.6.7-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 05 Apr 2019 | ASA-201904-2 | AVG-945 | gnutls | Critical | multiple issues |
| References |
|---|
https://gitlab.com/gnutls/gnutls/issues/694 |