CVE-2025-14831

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions GnuTLS (affected versions not specified)

Description A flaw exists in GnuTLS that can lead to a denial of service (DoS). This occurs due to excessive CPU and memory consumption when processing maliciously crafted certificates. These certificates contain a large number of name constraints and subject alternative names (SANs).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-407

Related Identifiers

ALSA-2026:3477

ALSA-2026:4188

ALSA-2026:5585

BDU:2026-05048

CVE-2025-14831

ECHO-56A4-40AE-0680

MGASA-2026-0045

OESA-2026-1650

OPENSUSE-SU-2026:10177-1

OPENSUSE-SU-2026:20446-1

RHSA-2026:3477

RHSA-2026:4188

RHSA-2026:5585

RHSA-2026:6618

RHSA-2026:6630

RHSA-2026:6737

RHSA-2026:6738

RHSA-2026:7477

SUSE-SU-2026:0829-1

SUSE-SU-2026:0862-1

SUSE-SU-2026:20654-1

SUSE-SU-2026:20708-1

SUSE-SU-2026:20962-1

SUSE-SU-2026:20968-1

SUSE-SU-2026:20984-1

USN-8043-1

Affected Products

Gnutls

Linuxmint

Rocky Linux

Ubuntu

CVE-2025-14831

Weakness Enumeration

Related Identifiers

Affected Products

References · 99