---

CVE-2019-3829 - log back

CVE-2019-3829 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ A critical memory corruption vulnerability has been found in GnuTLS versions prior to 3.6.7, in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines. Any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a malicious server or active network attacker.
References	+ https://gitlab.com/gnutls/gnutls/issues/694
Notes