CNNVD-202507-1504 Information

CNNVD ID

CNNVD-202507-1504

Related CVE

CVE-2025-6395

• CNNVD Published: 2025-07-10

Description (Chinese)

GnuTLS是GnuTLS开源的一款免费的用于实现SSL、TLS和DTLS协议的安全通信库。 GnuTLS存在代码问题漏洞，该漏洞源于_gnutls_figure_common_ciphersuite函数中存在空指针取消引用，可能导致内存损坏和拒绝服务。

Description (English)

GnuTLS is a free-of-charge secure communications bank for the implementation of SSL, TLS and DTLS protocols. GnuTLS has a code problem loophole, which results from the existence of an empty pointer unreferenced in the function gnutls figure common ciphersuite, which may cause memory damage and denial of service.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Go JOSE

Published

2025-07-10

Last Modified

2026-02-24

References

https://bugzilla.redhat.com/show_bug.cgi?id=2376755 https://access.redhat.com/security/cve/CVE-2025-6395 https://nvd.nist.gov/vuln/detail/CVE-2025-6395 https://vigilance.fr/vulnerability/GnuTLS-four-vulnerabilities-dated-11-07-2025-47689