An audit performed by Red Hat discovered the “important (and at the same time embarrassing) bug” The fix is available now in versions of GnuTLS 3.2.11 / 3.1.21 and earlier. An attacker would be able to use a specific type of fake certificate, granting access to what would otherwise be secure communications. If successful, that enables them with the ability to sit on the wire and monitor traffic in clear text, or inject code of their choosing creating a wider surface of attack.”]
Source: https://www.csoonline.com/article/2137038/gnutls-patch-fixes-certificate-verification-problem.html