CVE-2019-3829
Description
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.082
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| GNU TLS library (USN-3999-1) libgnutls30_3.6.4-2ubuntu1.2_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.6.4-2ubuntu1.2_amd64.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.6.5-2ubuntu1.1_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.6.5-2ubuntu1.1_amd64.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.4.10-4ubuntu1.5_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.4.10-4ubuntu1.5_amd64.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.5.18-1ubuntu1.1_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.5.18-1ubuntu1.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234