Your submission was sent successfully! Close

CVE-2019-3829

Published: 27 March 2019

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
gnutls26
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

precise Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Does not exist

gnutls28
Launchpad, Ubuntu, Debian
bionic
Released (3.5.18-1ubuntu1.1)
cosmic
Released (3.6.4-2ubuntu1.2)
disco
Released (3.6.5-2ubuntu1.1)
precise Does not exist

trusty Does not exist
(trusty was not-affected [code not present])
upstream
Released (3.6.7)
xenial Not vulnerable
(code not present)