{"id":"CVE-2016-1000030","details":"Pidgin version \u003c2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0.","modified":"2026-03-15T22:03:07.025154Z","published":"2018-09-05T17:29:00.230Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/cve-2016-1000030"},{"type":"ADVISORY","url":"https://pidgin.im/news/security/?id=91"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-38"},{"type":"ADVISORY","url":"https://www.suse.com/pt-br/security/cve/CVE-2016-1000030/"},{"type":"FIX","url":"https://bitbucket.org/pidgin/main/commits/d6fc1ce76ffe"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"11-sp4"}]},{"events":[{"introduced":"0"},{"fixed":"2.11.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1000030.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}