CVE-2019-3836

Summary

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

Affected Software

VendorProductVersion RangeStatus
gnutlsgnutlsfixed in gnutls 3.6.7affected

Weaknesses

  • CWE-456: CWE-456

ADP Enrichment

CVE Program Container

Additional References

References