CVE Catalog

CVE-2025-6395

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.62%

45th percentile - higher than 45% of all known CVEs

Summary

A NULL pointer dereference flaw was found in the GnuTLS library in the _gnutls_figure_common_ciphersuite() function.

Risk Assessment

This vulnerability may cause crashes in applications using GnuTLS, leading to disruption of network services.

Recommendation

It is recommended to immediately update the GnuTLS library to the latest patched version.

Original NVD description (English source)

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

Vulnerability data from NVD (NIST) · CISA KEV · EPSS