CVE-2025-14831

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2026:3477
https://access.redhat.com/errata/RHSA-2026:4188
https://access.redhat.com/security/cve/CVE-2025-14831
https://bugzilla.redhat.com/show_bug.cgi?id=2423177

Configurations

No configuration.

History

11 Mar 2026, 09:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:4188 -

02 Mar 2026, 17:16

Type	Values Removed	Values Added
Summary		(es) Se encontró un fallo en GnuTLS. Esta vulnerabilidad permite una denegación de servicio (DoS) mediante un consumo excesivo de CPU (Unidad Central de Procesamiento) y memoria a través de certificados maliciosos especialmente diseñados que contienen un gran número de restricciones de nombre y nombres alternativos del sujeto (SANs).
References		() https://access.redhat.com/errata/RHSA-2026:3477 -

09 Feb 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-09 15:16

Updated : 2026-03-11 09:16

NVD link : CVE-2025-14831

Mitre link : CVE-2025-14831

CVE.ORG link : CVE-2025-14831

JSON object : View

Products Affected

No product.

CWE

CWE-407

Inefficient Algorithmic Complexity

5.3 /10