CVE-2019-3836
HIGH7.5EPSS 0.73%發布日:2019/4/1修改日:2025/12/3
也稱為:ALPINE-CVE-2019-3836DEBIAN-CVE-2019-3836
描述
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
受影響套件(2)
- Alpine/gnutlsfrom 0, < 3.6.7-r0
- Debian/gnutls28from 0, < 3.6.7-2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |