CVE-2025-14831 - Vulnerability Details - OpenCVE

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00059.

Exploitation none

Automatable yes

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Red Hat

Red Hat Enterprise Linux 10

affected

Version	Status	Constraints
`0:3.8.10-3.el10_1`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 10.0 Extended Update Support

affected

Version	Status	Constraints
`0:3.8.9-9.el10_0.17`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8

affected

Version	Status	Constraints
`0:3.6.16-8.el8_10.5`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8

affected

Version	Status	Constraints
`0:3.6.16-8.el8_10.5`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9

affected

Version	Status	Constraints
`0:3.8.3-10.el9_7`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9

affected

Version	Status	Constraints
`0:3.8.3-10.el9_7`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

affected

Version	Status	Constraints
`0:3.7.6-21.el9_2.5`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.4 Extended Update Support

affected

Version	Status	Constraints
`0:3.8.3-4.el9_4.5`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.6 Extended Update Support

affected

Version	Status	Constraints
`0:3.8.3-6.el9_6.3`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-4.1777325677`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-4.1777325711`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-4.1777325710`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-3.1777325680`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-4.1777325709`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-4.1777325680`	unaffected	< *

Red Hat

RHEL-8 based Middleware Containers

affected

Version	Status	Constraints
`7.13.5-4.1777325708`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.2

affected

Version	Status	Constraints
`1775740563`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.3

affected

Version	Status	Constraints
`1775680192`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.3

affected

Version	Status	Constraints
`1775680262`	unaffected	< *

Red Hat

Red Hat AI Inference Server 3.3

affected

Version	Status	Constraints
`1775749857`	unaffected	< *

Red Hat

Red Hat Ceph Storage 8

affected

Version	Status	Constraints
`1774002867`	unaffected	< *

Red Hat

Red Hat Discovery 2

affected

Version	Status	Constraints
`1775668717`	unaffected	< *

Red Hat

Red Hat Discovery 2

affected

Version	Status	Constraints
`1775675922`	unaffected	< *

Red Hat

Red Hat Hardened Images

affected

Version	Status	Constraints
`3.8.12-1.1.hum1`	unaffected	< *

Red Hat

Red Hat Insights proxy 1.5

affected

Version	Status	Constraints
`1773685509`	unaffected	< *

Red Hat

Red Hat Update Infrastructure 5

affected

Version	Status	Constraints
`1773670073`	unaffected	< *

Red Hat

Red Hat Update Infrastructure 5

affected

Version	Status	Constraints
`1773672059`	unaffected	< *

Red Hat

Red Hat Update Infrastructure 5

affected

Version	Status	Constraints
`1773668803`	unaffected	< *

Red Hat

Red Hat Update Infrastructure 5

affected

Version	Status	Constraints
`1773670137`	unaffected	< *

Red Hat Red Hat Enterprise Linux 6 affected —

Red Hat Red Hat Enterprise Linux 7 affected —

Red Hat Red Hat OpenShift Container Platform 4 affected —

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Red Hat Subscribe	Enterprise Linux Subscribe
Redhat Subscribe	Openshift Container Platform Subscribe

Project Subscriptions

Vendors	Products
Red Hat Subscribe	Enterprise Linux Subscribe
Redhat Subscribe	Ai Inference Server Subscribe Ceph Storage Subscribe Discovery Subscribe Enterprise Linux Subscribe Enterprise Linux Eus Subscribe Hummingbird Subscribe Insights Proxy Subscribe Openshift Subscribe Openshift Container Platform Subscribe Rhel E4s Subscribe Rhel Eus Subscribe Rhosemc Subscribe Rhui Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-4492-1	gnutls28 security update
Debian DSA	DSA-6140-1	gnutls28 security update
Ubuntu USN	USN-8043-1	GnuTLS vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://access.redhat.com/errata/RHSA-2026:13812
https://access.redhat.com/errata/RHSA-2026:3477
https://access.redhat.com/errata/RHSA-2026:4188
https://access.redhat.com/errata/RHSA-2026:4655
https://access.redhat.com/errata/RHSA-2026:4943
https://access.redhat.com/errata/RHSA-2026:5585
https://access.redhat.com/errata/RHSA-2026:5606
https://access.redhat.com/errata/RHSA-2026:6618
https://access.redhat.com/errata/RHSA-2026:6630
https://access.redhat.com/errata/RHSA-2026:6737
https://access.redhat.com/errata/RHSA-2026:6738
https://access.redhat.com/errata/RHSA-2026:7329
https://access.redhat.com/errata/RHSA-2026:7335
https://access.redhat.com/errata/RHSA-2026:7477
https://access.redhat.com/errata/RHSA-2026:8746
https://access.redhat.com/errata/RHSA-2026:8747
https://access.redhat.com/errata/RHSA-2026:8748
https://access.redhat.com/security/cve/CVE-2025-14831
https://bugzilla.redhat.com/show_bug.cgi?id=2423177
https://gitlab.com/gnutls/gnutls/-/issues/1773
https://nvd.nist.gov/vuln/detail/CVE-2025-14831
https://www.cve.org/CVERecord?id=CVE-2025-14831

History

Tue, 05 May 2026 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhosemc
CPEs		cpe:/a:redhat:rhosemc:1.0::el8
Vendors & Products		Redhat rhosemc
References		https://access.redhat.com/errata/RHSA-2026:13812

Wed, 22 Apr 2026 18:30:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2026:7477

Fri, 17 Apr 2026 13:45:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2026:8746 https://access.redhat.com/errata/RHSA-2026:8748

Fri, 17 Apr 2026 11:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:ai_inference_server:3.3::el9
References		https://access.redhat.com/errata/RHSA-2026:8747

Thu, 09 Apr 2026 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat ai Inference Server
CPEs		cpe:/a:redhat:ai_inference_server:3.2::el9
Vendors & Products		Redhat ai Inference Server
References		https://access.redhat.com/errata/RHSA-2026:7335

Thu, 09 Apr 2026 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat discovery
CPEs		cpe:/a:redhat:discovery:2::el9
Vendors & Products		Redhat discovery
References		https://access.redhat.com/errata/RHSA-2026:7329

Tue, 07 Apr 2026 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat hummingbird
CPEs		cpe:/a:redhat:hummingbird:1
Vendors & Products		Redhat hummingbird

Tue, 07 Apr 2026 11:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos
References		https://access.redhat.com/errata/RHSA-2026:6738

Tue, 07 Apr 2026 08:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s
CPEs		cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/o:redhat:rhel_e4s:9.2::baseos
Vendors & Products		Redhat rhel E4s
References		https://access.redhat.com/errata/RHSA-2026:6737

Mon, 06 Apr 2026 11:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux Eus
CPEs		cpe:/o:redhat:enterprise_linux_eus:10.0
Vendors & Products		Redhat enterprise Linux Eus
References		https://access.redhat.com/errata/RHSA-2026:6618

Mon, 06 Apr 2026 08:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.6::appstream cpe:/o:redhat:rhel_eus:9.6::baseos
Vendors & Products		Redhat rhel Eus
References		https://access.redhat.com/errata/RHSA-2026:6630

Tue, 24 Mar 2026 11:00:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:8~~	cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos
References		https://access.redhat.com/errata/RHSA-2026:5585

Tue, 24 Mar 2026 10:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat ceph Storage
CPEs		cpe:/a:redhat:ceph_storage:8::el9
Vendors & Products		Redhat ceph Storage
References		https://access.redhat.com/errata/RHSA-2026:5606

Wed, 18 Mar 2026 17:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhui
CPEs		cpe:/a:redhat:rhui:5::el9
Vendors & Products		Redhat rhui
References		https://access.redhat.com/errata/RHSA-2026:4943

Mon, 16 Mar 2026 20:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat insights Proxy
CPEs		cpe:/a:redhat:insights_proxy:1.5::el9
Vendors & Products		Redhat insights Proxy
References		https://access.redhat.com/errata/RHSA-2026:4655

Thu, 12 Mar 2026 17:45:00 +0000

Type	Values Removed	Values Added
References		https://gitlab.com/gnutls/gnutls/-/issues/1773

Wed, 11 Mar 2026 09:15:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
References		https://access.redhat.com/errata/RHSA-2026:4188

Mon, 02 Mar 2026 17:15:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:10~~	cpe:/o:redhat:enterprise_linux:10.1
References		https://access.redhat.com/errata/RHSA-2026:3477

Tue, 10 Feb 2026 15:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Red Hat Red Hat enterprise Linux Redhat openshift Container Platform
Vendors & Products		Red Hat Red Hat enterprise Linux Redhat openshift Container Platform

Tue, 10 Feb 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://www.cve.org/CVERecord?id=CVE-2025-14831
Metrics	threat_severity `None`	threat_severity `Moderate`

Mon, 09 Feb 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 09 Feb 2026 15:15:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
Title		Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification
First Time appeared		Redhat Redhat enterprise Linux Redhat openshift
Weaknesses		CWE-407
CPEs		cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux Redhat openshift
References		https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-02-09T14:51:32.447Z

Updated: 2026-05-05T20:33:31.392Z

Reserved: 2025-12-17T14:44:59.859Z

Link: CVE-2025-14831

Vulnrichment

Updated: 2026-02-09T15:25:52.476Z

NVD

Status : Deferred

Published: 2026-02-09T15:16:09.937

Modified: 2026-05-05T18:16:00.410

Link: CVE-2025-14831

Redhat

Severity : Moderate

Publid Date: 2026-02-09T14:26:34Z

Links: CVE-2025-14831 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-20T15:45:10Z

Weaknesses

CWE-407

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14831", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-12-17T14:44:59.859Z", "datePublished": "2026-02-09T14:51:32.447Z", "dateUpdated": "2026-05-05T20:33:31.392Z"}, "containers": {"cna": {"title": "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.8.10-3.el10_1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux:10.1"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10.0 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.8.9-9.el10_0.17", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux_eus:10.0"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.6.16-8.el8_10.5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.6.16-8.el8_10.5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.8.3-10.el9_7", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.8.3-10.el9_7", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.7.6-21.el9_2.5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream", "cpe:/o:redhat:rhel_e4s:9.2::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.8.3-4.el9_4.5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/o:redhat:rhel_eus:9.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.6 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "versions": [{"version": "0:3.8.3-6.el9_6.3", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.6::appstream", "cpe:/o:redhat:rhel_eus:9.6::baseos"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-businesscentral-monitoring-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-4.1777325677", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-businesscentral-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-4.1777325711", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-controller-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-4.1777325710", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-dashbuilder-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-3.1777325680", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-kieserver-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-4.1777325709", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-process-migration-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-4.1777325680", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhpam-7/rhpam-smartrouter-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.13.5-4.1777325708", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "1775740563", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.3", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "1775680192", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.3::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.3", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/vllm-rocm-rhel9", "defaultStatus": "affected", "versions": [{"version": "1775680262", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.3::el9"]}, {"vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.3", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhaiis/model-opt-cuda-rhel9", "defaultStatus": "affected", "versions": [{"version": "1775749857", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ai_inference_server:3.3::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Ceph Storage 8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhceph/rhceph-8-rhel9", "defaultStatus": "affected", "versions": [{"version": "1774002867", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ceph_storage:8::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-server-rhel9", "defaultStatus": "affected", "versions": [{"version": "1775668717", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-ui-rhel9", "defaultStatus": "affected", "versions": [{"version": "1775675922", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Hardened Images", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "gnutls-main", "defaultStatus": "affected", "versions": [{"version": "3.8.12-1.1.hum1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:hummingbird:1"]}, {"vendor": "Red Hat", "product": "Red Hat Insights proxy 1.5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "insights-proxy/insights-proxy-container-rhel9", "defaultStatus": "affected", "versions": [{"version": "1773685509", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:insights_proxy:1.5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/cds-rhel9", "defaultStatus": "affected", "versions": [{"version": "1773670073", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/haproxy-rhel9", "defaultStatus": "affected", "versions": [{"version": "1773672059", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/installer-rhel9", "defaultStatus": "affected", "versions": [{"version": "1773668803", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/rhua-rhel9", "defaultStatus": "affected", "versions": [{"version": "1773670137", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnutls", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:openshift:4"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:13812", "name": "RHSA-2026:13812", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3477", "name": "RHSA-2026:3477", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:4188", "name": "RHSA-2026:4188", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:4655", "name": "RHSA-2026:4655", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:4943", "name": "RHSA-2026:4943", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5585", "name": "RHSA-2026:5585", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5606", "name": "RHSA-2026:5606", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6618", "name": "RHSA-2026:6618", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6630", "name": "RHSA-2026:6630", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6737", "name": "RHSA-2026:6737", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6738", "name": "RHSA-2026:6738", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:7329", "name": "RHSA-2026:7329", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:7335", "name": "RHSA-2026:7335", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:7477", "name": "RHSA-2026:7477", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:8746", "name": "RHSA-2026:8746", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:8747", "name": "RHSA-2026:8747", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:8748", "name": "RHSA-2026:8748", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-14831", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "name": "RHBZ#2423177", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/gnutls/gnutls/-/issues/1773"}], "datePublic": "2026-02-09T14:26:34.939Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-407", "description": "Inefficient Algorithmic Complexity", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity", "timeline": [{"lang": "en", "time": "2025-12-17T14:48:30.222Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-02-09T14:26:34.939Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-05-05T20:33:31.392Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-09T15:25:49.680881Z", "id": "CVE-2025-14831", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T15:26:01.239Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14831", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-09T15:25:49.680881Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T15:25:52.476Z"}}], "cna": {"title": "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"cpes": ["cpe:/o:redhat:enterprise_linux:10.1"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "versions": [{"status": "unaffected", "version": "0:3.8.10-3.el10_1", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux_eus:10.0"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10.0 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:3.8.9-9.el10_0.17", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:3.6.16-8.el8_10.5", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:3.6.16-8.el8_10.5", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:3.8.3-10.el9_7", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:3.8.3-10.el9_7", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream", "cpe:/o:redhat:rhel_e4s:9.2::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:3.7.6-21.el9_2.5", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/o:redhat:rhel_eus:9.4::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:3.8.3-4.el9_4.5", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.6::appstream", "cpe:/o:redhat:rhel_eus:9.6::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.6 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:3.8.3-6.el9_6.3", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-4.1777325677", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-businesscentral-monitoring-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-4.1777325711", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-businesscentral-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-4.1777325710", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-controller-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-3.1777325680", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-dashbuilder-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-4.1777325709", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-kieserver-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-4.1777325680", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-process-migration-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"], "vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "versions": [{"status": "unaffected", "version": "7.13.5-4.1777325708", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhpam-7/rhpam-smartrouter-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.2::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.2", "versions": [{"status": "unaffected", "version": "1775740563", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.3::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.3", "versions": [{"status": "unaffected", "version": "1775680192", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.3::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.3", "versions": [{"status": "unaffected", "version": "1775680262", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/vllm-rocm-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ai_inference_server:3.3::el9"], "vendor": "Red Hat", "product": "Red Hat AI Inference Server 3.3", "versions": [{"status": "unaffected", "version": "1775749857", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhaiis/model-opt-cuda-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ceph_storage:8::el9"], "vendor": "Red Hat", "product": "Red Hat Ceph Storage 8", "versions": [{"status": "unaffected", "version": "1774002867", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhceph/rhceph-8-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:2::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 2", "versions": [{"status": "unaffected", "version": "1775668717", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-server-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:2::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 2", "versions": [{"status": "unaffected", "version": "1775675922", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-ui-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:hummingbird:1"], "vendor": "Red Hat", "product": "Red Hat Hardened Images", "versions": [{"status": "unaffected", "version": "3.8.12-1.1.hum1", "lessThan": "*", "versionType": "rpm"}], "packageName": "gnutls-main", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:insights_proxy:1.5::el9"], "vendor": "Red Hat", "product": "Red Hat Insights proxy 1.5", "versions": [{"status": "unaffected", "version": "1773685509", "lessThan": "*", "versionType": "rpm"}], "packageName": "insights-proxy/insights-proxy-container-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "1773670073", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/cds-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "1773672059", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/haproxy-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "1773668803", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/installer-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "1773670137", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/rhua-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "gnutls", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-12-17T14:48:30.222Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-02-09T14:26:34.939Z", "value": "Made public."}], "datePublic": "2026-02-09T14:26:34.939Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:13812", "name": "RHSA-2026:13812", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:3477", "name": "RHSA-2026:3477", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:4188", "name": "RHSA-2026:4188", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:4655", "name": "RHSA-2026:4655", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:4943", "name": "RHSA-2026:4943", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5585", "name": "RHSA-2026:5585", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:5606", "name": "RHSA-2026:5606", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6618", "name": "RHSA-2026:6618", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6630", "name": "RHSA-2026:6630", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6737", "name": "RHSA-2026:6737", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:6738", "name": "RHSA-2026:6738", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:7329", "name": "RHSA-2026:7329", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:7335", "name": "RHSA-2026:7335", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:7477", "name": "RHSA-2026:7477", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:8746", "name": "RHSA-2026:8746", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:8747", "name": "RHSA-2026:8747", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:8748", "name": "RHSA-2026:8748", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-14831", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "name": "RHBZ#2423177", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/gnutls/gnutls/-/issues/1773"}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-407", "description": "Inefficient Algorithmic Complexity"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-05-05T20:33:31.392Z"}, "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity"}}, "cveMetadata": {"cveId": "CVE-2025-14831", "state": "PUBLISHED", "dateUpdated": "2026-05-05T20:33:31.392Z", "dateReserved": "2025-12-17T14:44:59.859Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2026-02-09T14:51:32.447Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en GnuTLS. Esta vulnerabilidad permite una denegaci\u00f3n de servicio (DoS) mediante un consumo excesivo de CPU (Unidad Central de Procesamiento) y memoria a trav\u00e9s de certificados maliciosos especialmente dise\u00f1ados que contienen un gran n\u00famero de restricciones de nombre y nombres alternativos del sujeto (SANs)."}], "id": "CVE-2025-14831", "lastModified": "2026-05-05T18:16:00.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2026-02-09T15:16:09.937", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:13812"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:3477"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:4188"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:4655"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:4943"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:5585"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:5606"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:6618"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:6630"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:6737"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:6738"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:7329"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:7335"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:7477"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:8746"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:8747"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:8748"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-14831"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177"}, {"source": "secalert@redhat.com", "url": "https://gitlab.com/gnutls/gnutls/-/issues/1773"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-407"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "product": "enterprise_linux", "vendor": "red_hat"}, {"configurations": [{"platform": null, "status": "affected", "versions": null}], "product": "openshift_container_platform", "vendor": "redhat"}], "analysis": {"en": {"generated_at": "2026-04-20T15:36:09.446533+00:00", "value": {"mitigation_remediation": ["Install the latest Red\u00a0Hat package updates RHSA\u20112026:3477 and related errata to upgrade GnuTLS to the fixed release.", "After updating, restart all services that use GnuTLS, such as web servers, database connectors, and certificate verification components, to load the patched library.", "If a patch cannot be applied immediately, restrict inbound TLS traffic to trusted clients or temporarily disable services that use the vulnerable library until the update is available."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Affected products include Red\u00a0Hat AI Inference Server 3.2 and 3.3, Red\u00a0Hat Ceph Storage 8, Red\u00a0Hat Discovery 2, several releases of Red\u00a0Hat Enterprise Linux (6,\u202f7,\u202f8,\u202f9,\u202f10 and related extended update support branches), Red\u00a0Hat Hardened Images, Red\u00a0Hat Insights proxy 1.5, Red\u00a0Hat OpenShift Container Platform 4, and Red\u00a0Hat Update Infrastructure 5. All of these incorporate the vulnerable GnuTLS library and are susceptible.", "description_and_impact": "The vulnerability resides in GnuTLS and permits a denial of service by forcing the library to consume excessive CPU and memory while verifying certificates that contain a very large number of name constraints or subject alternative names. The result is that the TLS handshake stalls or crashes, preventing legitimate connections from succeeding and potentially exhausting system resources.", "risk_and_exploitability": "The CVSS score of 5.3 places the vulnerability in the medium severity range. The EPSS score is below 1%, indicating a very low probability of exploitation in the wild as of now, and the vulnerability is not listed in CISA's KEV catalog. Nevertheless, an attacker could trigger the denial of service by presenting a malicious certificate during a TLS handshake, a remote path that is typically available to networked clients. The exploit would require the target to load the vulnerable GnuTLS library, which is present in most of the listed Red\u00a0Hat products."}}}}, "created": "2026-02-10T15:37:37.333272+00:00", "updated": "2026-04-20T15:45:10.369832+00:00", "vendors": ["red_hat", "red_hat$PRODUCT$enterprise_linux", "redhat", "redhat$PRODUCT$openshift_container_platform"]}