CVE-2025-14831
Published: Feb 9, 2026
Modified: May 14, 2026
CVSS v3.1
5.3
Description
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
| Vendor | Product | Versions |
|---|---|---|
Red Hat | Red Hat Enterprise Linux 10 | unaffected 0:3.8.10-3.el10_1 - < * |
Red Hat | Red Hat Enterprise Linux 10.0 Extended Update Support | unaffected 0:3.8.9-9.el10_0.17 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 0:3.6.16-8.el8_10.5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 0:3.6.16-8.el8_10.5 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:3.8.3-10.el9_7 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:3.8.3-10.el9_7 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | unaffected 0:3.7.6-21.el9_2.5 - < * |
Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | unaffected 0:3.8.3-4.el9_4.5 - < * |
Red Hat | Red Hat Enterprise Linux 9.6 Extended Update Support | unaffected 0:3.8.3-6.el9_6.3 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-4.1777325677 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-4.1777325711 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-4.1777325710 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-3.1777325680 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-4.1777325709 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-4.1777325680 - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.13.5-4.1777325708 - < * |
Red Hat | Red Hat AI Inference Server 3.2 | unaffected 1775740563 - < * |
Red Hat | Red Hat AI Inference Server 3.3 | unaffected 1778244559 - < * |
Red Hat | Red Hat AI Inference Server 3.3 | unaffected 1778244531 - < * |
Red Hat | Red Hat AI Inference Server 3.3 | unaffected 1778244546 - < * |
Red Hat | Red Hat AI Inference Server 3.3 | unaffected 1775680192 - < * |
Red Hat | Red Hat AI Inference Server 3.3 | unaffected 1775680262 - < * |
Red Hat | Red Hat AI Inference Server 3.3 | unaffected 1775749857 - < * |
Red Hat | Red Hat Ceph Storage 8 | unaffected 1774002867 - < * |
Red Hat | Red Hat Discovery 2 | unaffected 1775668717 - < * |
Red Hat | Red Hat Discovery 2 | unaffected 1775675922 - < * |
Red Hat | Red Hat Hardened Images | unaffected 3.8.12-1.1.hum1 - < * |
Red Hat | Red Hat Insights proxy 1.5 | unaffected 1773685509 - < * |
Red Hat | Red Hat Update Infrastructure 5 | unaffected 1773670073 - < * |
Red Hat | Red Hat Update Infrastructure 5 | unaffected 1773672059 - < * |
Red Hat | Red Hat Update Infrastructure 5 | unaffected 1773668803 - < * |
Red Hat | Red Hat Update Infrastructure 5 | unaffected 1773670137 - < * |
Red Hat | Red Hat Enterprise Linux 6 | All versions |
Red Hat | Red Hat Enterprise Linux 7 | All versions |
Red Hat | Red Hat OpenShift Container Platform 4 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now