CNNVD-202507-1384 Information

CNNVD ID

CNNVD-202507-1384

Related CVE

CVE-2025-32988

• CNNVD Published: 2025-07-10

Description (Chinese)

GnuTLS是GnuTLS开源的一款免费的用于实现SSL、TLS和DTLS协议的安全通信库。 GnuTLS存在资源管理错误漏洞，该漏洞源于SAN条目导出逻辑中的双重释放问题，可能导致拒绝服务或内存损坏。

Description (English)

GnuTLS is a free-of-charge secure communications bank for the implementation of SSL, TLS and DTLS protocols. GnuTLS has a resource management error loophole, which stems from the dual release problem in the export logic of the SAN entries and may lead to denial of service or memory damage.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

Go JOSE

Published

2025-07-10

Last Modified

2026-02-24

References

https://bugzilla.redhat.com/show_bug.cgi?id=2359622 https://access.redhat.com/security/cve/CVE-2025-32988 https://nvd.nist.gov/vuln/detail/CVE-2025-32988 https://vigilance.fr/vulnerability/GnuTLS-four-vulnerabilities-dated-11-07-2025-47689 https://www.oracle.com/security-alerts/cpujan2026.html