DEBIAN-CVE-2019-3829

DEBIAN-CVE-2019-3829 PUBLISHED CVSS 7.5 HIGH

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

Risk Scores

CVSS 3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	gnutls28	0, 0, 0
Debian:11	gnutls28	0, 0, 0
Debian:13	gnutls28	0, 0, 0
Debian:12	gnutls28	0, 0, 0

Exploit Intelligence

glcve_test.go (github-poc)

Timeline

Mar 27, 2019 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2019-3829 advisory

Open in Interactive Console →