Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for gnutls fixes the following issues * CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing a large number of name constraints and SANs (bsc#1257960). * CVE-2026-3833: incorrectly accepted domain names due to comparison during name constraints processing being case-sensitive (bsc#1263707). * CVE-2026-5260: heap overread when processing extremely short premaster secret as part of an RSA key exchange (bsc#1263715). * CVE-2026-33845: integer overflow and heap overrun when parsing fragments with zero length and non-zero offset during DTLS handshake (bsc#1263704). * CVE-2026-33846: heap overwrite during DTLS handshake fragment reassembly due to missing validations and checks (bsc#1263705).
* bsc#1257960
* bsc#1263704
* bsc#1263705
* bsc#1263707
* bsc#1263708
* bsc#1263709
* bsc#1263710
* bsc#1263711
* bsc#1263712
* bsc#1263713
* bsc#1263714
* bsc#1263715
Cross-
* CVE-2025-14831
* CVE-2026-33845
* CVE-2026-33846
* CVE-2026-3833
* CVE-2026-42009
* CVE-2026-42010
* CVE-2026-42011
* CVE-2026-42012
* CVE-2026-42013
* CVE-2026-42014
* CVE-2026-42015
* CVE-2026-5260
CVSS scores:
* CVE-2025-14831 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-14831 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-14831 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-33845 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
Get the latest Linux and open source security news straight to your inbox.