CVE-2019-3829 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | A critical memory corruption vulnerability has been found in GnuTLS versions prior to 3.6.7, in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines. Any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a malicious server or active network attacker. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-945 | gnutls | 3.6.6-3 | 3.6.7-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
05 Apr 2019 | ASA-201904-2 | AVG-945 | gnutls | Critical | multiple issues |
References |
---|
https://gitlab.com/gnutls/gnutls/issues/694 |