CVE-2019-3829

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
A critical memory corruption vulnerability has been found in GnuTLS versions prior to 3.6.7, in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines. Any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a malicious server or active network attacker.
Group Package Affected Fixed Severity Status Ticket
AVG-945 gnutls 3.6.6-3 3.6.7-1 Critical Fixed
Date Advisory Group Package Severity Description
05 Apr 2019 ASA-201904-2 AVG-945 gnutls Critical multiple issues
References
https://gitlab.com/gnutls/gnutls/issues/694