VDB
ALPINE-CVE-2019-3829
ALPINE-CVE-2019-3829
PUBLISHED
CVSS 7.5 HIGH
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
Risk Scores
CVSS v3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.22 | gnutls | 2.6.5-r0, 2.8.6-r1, 3.4.0-r0 |
| Alpine:v3.10 | gnutls | 3.2.1-r1, 0, 3.1.7-r1 |
| Alpine:v3.15 | gnutls | 2.12.6.1-r0, 2.10.4-r0, 2.10.5-r0 |
| Alpine:v3.14 | gnutls | 3.2.8-r0, 0, 2.10.4-r0 |
| Alpine:v3.17 | gnutls | 3.6.1-r0, 0, 3.1.5-r1 |
| Alpine:v3.21 | gnutls | 0, 0, 2.10.4-r0 |
| Alpine:v3.20 | gnutls | 3.0.17-r0, 0, 2.10.4-r0 |
| Alpine:v3.9 | gnutls | 2.10.4-r0, 2.10.5-r0, 2.10.5-r1 |
| Alpine:v3.23 | gnutls | 3.6.4-r0, 0, 2.10.4-r0 |
| Alpine:v3.11 | gnutls | 3.3.13-r0, 3.5.8-r0, 3.0.19-r0 |
| Alpine:v3.13 | gnutls | 2.10.5-r0, 2.12.6.1-r0, 3.5.10-r0 |
| Alpine:v3.18 | gnutls | 3.3.8-r0, 3.6.5-r0, 3.3.2-r0 |
| Alpine:v3.16 | gnutls | 0, 2.10.4-r0, 3.4.2-r0 |
| Alpine:v3.19 | gnutls | 3.0.22-r0, 2.10.4-r0, 2.10.5-r0 |
| Alpine:v3.12 | gnutls | 3.4.8-r0, 2.10.4-r0, 2.10.5-r2 |
| Alpine:v3.8 | gnutls | 0, 2.10.4-r0, 3.1.7-r1 |
Timeline
- Mar 27, 2019 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch