CVEFinder.io

CVE-2025-32989

đŸ”ļ medium
Summary

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checke

Description

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.

CVSS Score
5.3
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2025-07-10
First Seen: 2026-01-05
Last Modified 2025-12-01
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE IDs (Weakness Types)
CWE-295

🔗 References 10

https://access.redhat.com/errata/RHSA-2025:16115
https://access.redhat.com/errata/RHSA-2025:16116
https://access.redhat.com/errata/RHSA-2025:17181
https://access.redhat.com/errata/RHSA-2025:17348
https://access.redhat.com/errata/RHSA-2025:17361
https://access.redhat.com/errata/RHSA-2025:19088
https://access.redhat.com/errata/RHSA-2025:22529
https://access.redhat.com/security/cve/CVE-2025-32989
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2359621
Issue Tracking
http://www.openwall.com/lists/oss-security/2025/07/11/3

đŸ“Ļ Affected Products 7

Vendor Product Status Affected Versions
gnu gnutls Affected
v-
redhat enterprise_linux Affected
v10.0
redhat enterprise_linux Affected
v6.0
redhat enterprise_linux Affected
v7.0
redhat enterprise_linux Affected
v8.0
redhat enterprise_linux Affected
v9.0
redhat openshift_container_platform Affected
v4.0

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-14512 đŸ”ļ medium 6.5 0.1 A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer ov... 2025-12-11
CVE-2025-14087 đŸ”ļ medium 5.6 0.3 A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a... 2025-12-10
CVE-2025-9784 ⚠ī¸ high 7.5 0.4 A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering ab... 2025-09-02
CVE-2025-8283 ℹī¸ low 3.7 0.0 A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman se... 2025-07-28
CVE-2025-7519 đŸ”ļ medium 6.7 0.0 A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds wri... 2025-07-14
CVE-2025-32988 đŸ”ļ medium 6.5 0.1 A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the expo... 2025-07-10
These CVEs affect the same products