Nixpkgs security tracker
NIXPKGS-2026-0215
GitHub issue
published on
Permalink
CVE-2025-14831
5.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
4 packages
- python312Packages.python3-gnutls
- python313Packages.python3-gnutls
- python314Packages.python3-gnutls
- guile-gnutls
-
@LeSuisse
deleted
maintainer.delete
3 maintainers
- @vcunat
- @foo-dogsquared
- @charlieshanley
- @LeSuisse accepted
- @LeSuisse published on GitHub
Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
References
Affected products
rhcos
gnutls
Matching in nixpkgs
Ignored packages (4)
pkgs.guile-gnutls
Guile bindings for GnuTLS library
pkgs.python312Packages.python3-gnutls
Python wrapper for the GnuTLS library
-
nixos-25.11 python3-gnutls-3.1.10
- nixos-25.11-small python3-gnutls-3.1.10
- nixpkgs-25.11-darwin python3-gnutls-3.1.10
pkgs.python313Packages.python3-gnutls
Python wrapper for the GnuTLS library
-
nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
-
nixos-25.11 python3-gnutls-3.1.10
- nixos-25.11-small python3-gnutls-3.1.10
- nixpkgs-25.11-darwin python3-gnutls-3.1.10
pkgs.python314Packages.python3-gnutls
Python wrapper for the GnuTLS library
-
nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
Package maintainers
Ignored maintainers (1)
-
@vcunat Vladimír Čunát <v@cunat.cz>